From b5a48ef23ef9d0eefbdcd9071b9148e20163cfad Mon Sep 17 00:00:00 2001
From: Derek Smith <derek@farscapian.com>
Date: Sun, 9 Oct 2022 20:35:02 -0400
Subject: [PATCH] Updates to migration restoration.

---
 cluster.sh                           | 286 +++++++++++++--------------
 deployment/www/stop_docker_stacks.sh |   4 +-
 reset_env.sh                         |   2 +-
 3 files changed, 141 insertions(+), 151 deletions(-)

diff --git a/cluster.sh b/cluster.sh
index 6ce1707..7b1d8dd 100755
--- a/cluster.sh
+++ b/cluster.sh
@@ -7,31 +7,26 @@ cd "$(dirname "$0")"
 # it reaches out to an SSH endpoint and provisions that machine
 # to use LXD.
 
-COMMAND="${1:-}"
 DATA_PLANE_MACVLAN_INTERFACE=
 DISK_TO_USE=loop
 
-if [ "$COMMAND" = create ]; then
+# override the cluster name.
+CLUSTER_NAME="${1:-}"
+if [ -z "$CLUSTER_NAME" ]; then
+    echo "ERROR: The cluster name was not provided."
+    exit 1
+fi
 
-    # override the cluster name.
-    CLUSTER_NAME="${2:-}"
-    
+#shellcheck disable=SC1091
+source ./defaults.sh
 
-    if [ -z "$CLUSTER_NAME" ]; then
-        echo "ERROR: The cluster name was not provided."
-        exit 1
-    fi
+export CLUSTER_PATH="$CLUSTERS_DIR/$CLUSTER_NAME"
+CLUSTER_DEFINITION="$CLUSTER_PATH/cluster_definition"
+export CLUSTER_DEFINITION="$CLUSTER_DEFINITION"
 
-    #shellcheck disable=SC1091
-    source ./defaults.sh
-
-    export CLUSTER_PATH="$CLUSTERS_DIR/$CLUSTER_NAME"
-    CLUSTER_DEFINITION="$CLUSTER_PATH/cluster_definition"
-    export CLUSTER_DEFINITION="$CLUSTER_DEFINITION"
-
-    mkdir -p "$CLUSTER_PATH"
-    if [ ! -f "$CLUSTER_DEFINITION" ]; then
-        # stub out a cluster_definition.
+mkdir -p "$CLUSTER_PATH"
+if [ ! -f "$CLUSTER_DEFINITION" ]; then
+    # stub out a cluster_definition.
     cat >"$CLUSTER_DEFINITION" <<EOL
 #!/bin/bash
 
@@ -39,128 +34,128 @@ if [ "$COMMAND" = create ]; then
 
 export LXD_CLUSTER_PASSWORD="$(gpg --gen-random --armor 1 14)"
 export SOVEREIGN_STACK_MAC_ADDRESS="CHANGE_ME_REQUIRED"
-export PROJECT_NAME="$CLUSTER_NAME-public"
+export PROJECT_NAME="public"
 export REGISTRY_URL="http://$(hostname).$(resolvectl status | grep 'DNS Domain:' | awk '{ print $3 }'):5000"
 export REGISTRY_USERNAME="CHANGE_ME"
 export REGISTRY_PASSWORD="CHANGE_ME"
 
 EOL
 
-        chmod 0744 "$CLUSTER_DEFINITION"
-        echo "We stubbed out a '$CLUSTER_DEFINITION' file for you."
-        echo "Use this file to customize your cluster deployment;"
-        echo "Check out 'https://www.sovereign-stack.org/cluster-definition' for an example."
+    chmod 0744 "$CLUSTER_DEFINITION"
+    echo "We stubbed out a '$CLUSTER_DEFINITION' file for you."
+    echo "Use this file to customize your cluster deployment;"
+    echo "Check out 'https://www.sovereign-stack.org/cluster-definition' for an example."
+    exit 1
+fi
+
+source "$CLUSTER_DEFINITION"
+
+if ! lxc remote list | grep -q "$CLUSTER_NAME"; then
+    FQDN="${2:-}"
+    shift
+
+    if [ -z "$FQDN" ]; then
+        echo "ERROR: The Fully Qualified Domain Name of the new cluster member was not set."
         exit 1
     fi
 
-    source "$CLUSTER_DEFINITION"
-
-    if ! lxc remote list | grep -q "$CLUSTER_NAME"; then
-        FQDN="${3:-}"
-        shift
-
-        if [ -z "$FQDN" ]; then
-            echo "ERROR: The Fully Qualified Domain Name of the new cluster member was not set."
-            exit 1
-        fi
-
-        # let's check to ensure we have SSH access to the specified host.
-        if ! wait-for-it -t 5 "$FQDN:22"; then
-            echo "ERROR: We can't get an SSH connection to '$FQDN:22'. Ensure you have the host set up correctly."
-            exit 1
-        fi
-
-        # grab any modifications from the command line.
-        for i in "$@"; do
-            case $i in
-                --data-plane-interface=*)
-                    DATA_PLANE_MACVLAN_INTERFACE="${i#*=}"
-                    shift
-                ;;
-                --disk=*)
-                    DISK_TO_USE="${i#*=}"
-                    shift
-                ;;
-                *)
-
-                ;;
-            esac
-        done
-
-        # if [ -z "$DATA_PLANE_MACVLAN_INTERFACE" ]; then
-        #     echo "INFO: It looks like you didn't provide input on the command line for the data plane macvlan interface."
-        #     echo "      We need to know which interface that is! Enter it here now."
-        #     echo ""
-
-        #     ssh "ubuntu@$FQDN" ip link
-
-        #     echo "Please enter the network interface that's dedicated to the Sovereign Stack data plane: "
-        #     read -r DATA_PLANE_MACVLAN_INTERFACE
-
-        # fi
-
-        # if [ -z "$DISK_TO_USE" ]; then
-        #     echo "INFO: It looks like the DISK_TO_USE has not been set. Enter it now."
-        #     echo ""
-
-        #     ssh "ubuntu@$FQDN" lsblk
-
-        #     USER_DISK=
-        #     echo "Please enter the disk or partition that Sovereign Stack will use to store data (default: loop):  "
-        #     read -r USER_DISK
-
-        # fi
-
-    else
-        echo "ERROR: the cluster already exists! You need to go delete your lxd remote if you want to re-create your cluster."
-        echo "       It's may also be helpful to reset/rename your cluster path."
+    # let's check to ensure we have SSH access to the specified host.
+    if ! wait-for-it -t 5 "$FQDN:22"; then
+        echo "ERROR: We can't get an SSH connection to '$FQDN:22'. Ensure you have the host set up correctly."
         exit 1
     fi
 
-    # ensure we actually have that interface on the system.
-    echo "DATA_PLANE_MACVLAN_INTERFACE: $DATA_PLANE_MACVLAN_INTERFACE"
-    if ! ssh "ubuntu@$FQDN" ip link | grep "$DATA_PLANE_MACVLAN_INTERFACE" | grep -q ",UP"; then
-        echo "ERROR: We could not find your interface in our list of available interfaces. Please run this command again."
-        echo "NOTE: You can always specify on the command line by adding the '--data-plane-interface=eth0', for example."
+    # grab any modifications from the command line.
+    for i in "$@"; do
+        case $i in
+            --data-plane-interface=*)
+                DATA_PLANE_MACVLAN_INTERFACE="${i#*=}"
+                shift
+            ;;
+            --disk=*)
+                DISK_TO_USE="${i#*=}"
+                shift
+            ;;
+            *)
+
+            ;;
+        esac
+    done
+
+    # if [ -z "$DATA_PLANE_MACVLAN_INTERFACE" ]; then
+    #     echo "INFO: It looks like you didn't provide input on the command line for the data plane macvlan interface."
+    #     echo "      We need to know which interface that is! Enter it here now."
+    #     echo ""
+
+    #     ssh "ubuntu@$FQDN" ip link
+
+    #     echo "Please enter the network interface that's dedicated to the Sovereign Stack data plane: "
+    #     read -r DATA_PLANE_MACVLAN_INTERFACE
+
+    # fi
+
+    # if [ -z "$DISK_TO_USE" ]; then
+    #     echo "INFO: It looks like the DISK_TO_USE has not been set. Enter it now."
+    #     echo ""
+
+    #     ssh "ubuntu@$FQDN" lsblk
+
+    #     USER_DISK=
+    #     echo "Please enter the disk or partition that Sovereign Stack will use to store data (default: loop):  "
+    #     read -r USER_DISK
+
+    # fi
+
+else
+    echo "ERROR: the cluster already exists! You need to go delete your lxd remote if you want to re-create your cluster."
+    echo "       It's may also be helpful to reset/rename your cluster path."
+    exit 1
+fi
+
+# ensure we actually have that interface on the system.
+echo "DATA_PLANE_MACVLAN_INTERFACE: $DATA_PLANE_MACVLAN_INTERFACE"
+if ! ssh "ubuntu@$FQDN" ip link | grep "$DATA_PLANE_MACVLAN_INTERFACE" | grep -q ",UP"; then
+    echo "ERROR: We could not find your interface in our list of available interfaces. Please run this command again."
+    echo "NOTE: You can always specify on the command line by adding the '--data-plane-interface=eth0', for example."
+    exit 1
+fi
+
+# if the disk is loop-based, then we assume the / path exists.
+if [ "$DISK_TO_USE" != loop ]; then
+    # ensure we actually have that disk/partition on the system.
+    if ssh "ubuntu@$FQDN" lsblk | grep -q "$DISK_TO_USE"; then
+        echo "ERROR: We could not the disk you specified. Please run this command again and supply a different disk."
+        echo "NOTE: You can always specify on the command line by adding the '--disk=/dev/sdd', for example."
         exit 1
     fi
+fi
 
-    # if the disk is loop-based, then we assume the / path exists.
-    if [ "$DISK_TO_USE" != loop ]; then
-        # ensure we actually have that disk/partition on the system.
-        if ssh "ubuntu@$FQDN" lsblk | grep -q "$DISK_TO_USE"; then
-            echo "ERROR: We could not the disk you specified. Please run this command again and supply a different disk."
-            echo "NOTE: You can always specify on the command line by adding the '--disk=/dev/sdd', for example."
-            exit 1
-        fi
+# The MGMT Plane IP is the IP address that the LXD API binds to, which happens
+# to be the same as whichever SSH connection you're coming in on.
+MGMT_PLANE_IP="$(ssh ubuntu@"$FQDN" env | grep SSH_CONNECTION | cut -d " " -f 3)"
+IP_OF_MGMT_MACHINE="$(ssh ubuntu@"$FQDN" env | grep SSH_CLIENT | cut -d " " -f 1 )"
+IP_OF_MGMT_MACHINE="${IP_OF_MGMT_MACHINE#*=}"
+IP_OF_MGMT_MACHINE="$(echo "$IP_OF_MGMT_MACHINE" | cut -d: -f1)"
+
+# error out if the cluster password is unset.
+if [ -z "$LXD_CLUSTER_PASSWORD" ]; then
+    echo "ERROR: LXD_CLUSTER_PASSWORD must be set in your cluster_definition."
+    exit 1
+fi
+
+if ! command -v lxc >/dev/null 2>&1; then
+    if lxc profile list --format csv | grep -q sovereign-stack; then
+        lxc profile delete sovereign-stack
+        sleep 1
     fi
 
-    # The MGMT Plane IP is the IP address that the LXD API binds to, which happens
-    # to be the same as whichever SSH connection you're coming in on.
-    MGMT_PLANE_IP="$(ssh ubuntu@"$FQDN" env | grep SSH_CONNECTION | cut -d " " -f 3)"
-    IP_OF_MGMT_MACHINE="$(ssh ubuntu@"$FQDN" env | grep SSH_CLIENT | cut -d " " -f 1 )"
-    IP_OF_MGMT_MACHINE="${IP_OF_MGMT_MACHINE#*=}"
-    IP_OF_MGMT_MACHINE="$(echo "$IP_OF_MGMT_MACHINE" | cut -d: -f1)"
-
-    # error out if the cluster password is unset.
-    if [ -z "$LXD_CLUSTER_PASSWORD" ]; then
-        echo "ERROR: LXD_CLUSTER_PASSWORD must be set in your cluster_definition."
-        exit 1
+    if lxc network list --format csv | grep -q lxdbrSS; then
+        lxc network delete lxdbrSS
+        sleep 1
     fi
+fi
 
-    if ! command -v lxc >/dev/null 2>&1; then
-        if lxc profile list --format csv | grep -q sovereign-stack; then
-            lxc profile delete sovereign-stack
-            sleep 1
-        fi
-
-        if lxc network list --format csv | grep -q lxdbrSS; then
-            lxc network delete lxdbrSS
-            sleep 1
-        fi
-    fi
-
-    ssh -t "ubuntu@$FQDN" "
+ssh -t "ubuntu@$FQDN" "
 # set host firewall policy. 
 # allow LXD API from management network.
 # sudo ufw allow from ${IP_OF_MGMT_MACHINE}/32 proto tcp to $MGMT_PLANE_IP port 8443
@@ -176,15 +171,15 @@ if ! snap list | grep -q lxd; then
     sleep 4
 fi
 "
-    # if the DATA_PLANE_MACVLAN_INTERFACE is not specified, then we 'll
-    # just attach VMs to the network interface used for for the default route.
-    if [ -z "$DATA_PLANE_MACVLAN_INTERFACE" ]; then
-        DATA_PLANE_MACVLAN_INTERFACE="$(ssh -t ubuntu@"$FQDN" ip route | grep default | cut -d " " -f 5)"
-    fi
+# if the DATA_PLANE_MACVLAN_INTERFACE is not specified, then we 'll
+# just attach VMs to the network interface used for for the default route.
+if [ -z "$DATA_PLANE_MACVLAN_INTERFACE" ]; then
+    DATA_PLANE_MACVLAN_INTERFACE="$(ssh -t ubuntu@"$FQDN" ip route | grep default | cut -d " " -f 5)"
+fi
 
-    # stub out the lxd init file for the remote SSH endpoint.
-    CLUSTER_MASTER_LXD_INIT="$CLUSTER_PATH/lxdinit_profile.yml"
-    cat >"$CLUSTER_MASTER_LXD_INIT" <<EOF
+# stub out the lxd init file for the remote SSH endpoint.
+CLUSTER_MASTER_LXD_INIT="$CLUSTER_PATH/lxdinit_profile.yml"
+cat >"$CLUSTER_MASTER_LXD_INIT" <<EOF
 config:
   core.https_address: ${MGMT_PLANE_IP}:8443
   core.trust_password: ${LXD_CLUSTER_PASSWORD}
@@ -215,25 +210,20 @@ cluster:
   cluster_token: ""
 EOF
 
+# configure the LXD Daemon with our preseed.
+cat "$CLUSTER_MASTER_LXD_INIT" | ssh "ubuntu@$FQDN" lxd init --preseed
 
-    # configure the LXD Daemon with our preseed.
-    cat "$CLUSTER_MASTER_LXD_INIT" | ssh "ubuntu@$FQDN" lxd init --preseed
+# ensure the lxd service is available over the network, then add a lxc remote, then switch the active remote to it.
+if wait-for-it -t 20 "$FQDN:8443"; then
+    # now create a remote on your local LXC client and switch to it.
+    # the software will now target the new cluster.
+    lxc remote add "$CLUSTER_NAME" "$FQDN" --password="$LXD_CLUSTER_PASSWORD" --protocol=lxd --auth-type=tls --accept-certificate
+    lxc remote switch "$CLUSTER_NAME"
 
-    # ensure the lxd service is available over the network, then add a lxc remote, then switch the active remote to it.
-    if wait-for-it -t 20 "$FQDN:8443"; then
-        # now create a remote on your local LXC client and switch to it.
-        # the software will now target the new cluster.
-        lxc remote add "$CLUSTER_NAME" "$FQDN" --password="$LXD_CLUSTER_PASSWORD" --protocol=lxd --auth-type=tls --accept-certificate
-        lxc remote switch "$CLUSTER_NAME"
-
-        echo "INFO: You have create a new cluster named '$CLUSTER_NAME'. Great! We switched your lxd remote to it."
-    else
-        echo "ERROR: Could not detect the LXD endpoint. Something went wrong."
-        exit 1
-    fi
-
-    echo "HINT: Now you can consider running 'ss-deploy'."
+    echo "INFO: You have create a new cluster named '$CLUSTER_NAME'. Great! We switched your lxd remote to it."
 else
-  echo "ERROR: invalid command."
-  exit 1
+    echo "ERROR: Could not detect the LXD endpoint. Something went wrong."
+    exit 1
 fi
+
+echo "HINT: Now you can consider running 'ss-deploy'."
diff --git a/deployment/www/stop_docker_stacks.sh b/deployment/www/stop_docker_stacks.sh
index 4624630..d9ccac6 100755
--- a/deployment/www/stop_docker_stacks.sh
+++ b/deployment/www/stop_docker_stacks.sh
@@ -39,7 +39,7 @@ for DOMAIN_NAME in ${DOMAIN_LIST//,/ }; do
 
             if [ "$RESTORE_WWW" = true ]; then
                 ./restore_path.sh
-                ssh "$PRIMARY_WWW_FQDN" sudo chown ubuntu:ubuntu "$REMOTE_HOME/$APP"
+                #ssh "$PRIMARY_WWW_FQDN" sudo chown ubuntu:ubuntu "$REMOTE_HOME/$APP"
             elif [ "$BACKUP_APPS"  = true ]; then
                 # if we're not restoring, then we may or may not back up.
                 ./backup_path.sh
@@ -87,7 +87,7 @@ for DOMAIN_NAME in ${DOMAIN_LIST//,/ }; do
         sleep 5
         echo "STARTING restore_path.sh for letsencrypt."
         ./restore_path.sh
-        ssh "$PRIMARY_WWW_FQDN" sudo chown ubuntu:ubuntu "$REMOTE_HOME/$APP"
+        #ssh "$PRIMARY_WWW_FQDN" sudo chown ubuntu:ubuntu "$REMOTE_HOME/$APP"
     elif [ "$BACKUP_APPS"  = true ]; then
         # if we're not restoring, then we may or may not back up.
         ./backup_path.sh
diff --git a/reset_env.sh b/reset_env.sh
index f3caad3..33c5390 100755
--- a/reset_env.sh
+++ b/reset_env.sh
@@ -1,6 +1,6 @@
 #!/bin/bash
 
-set -ex
+set -eu
 
 export DOMAIN_NAME=
 export DUPLICITY_BACKUP_PASSPHRASE=