diff --git a/deployment/base.sh b/deployment/base.sh old mode 100644 new mode 100755 diff --git a/deployment/deploy_vm.sh b/deployment/deploy_vm.sh index 9336a90..62e50db 100755 --- a/deployment/deploy_vm.sh +++ b/deployment/deploy_vm.sh @@ -10,7 +10,7 @@ SSH_STRING="Host ${FQDN}" if ! grep -q "$SSH_STRING" "$SSH_HOME/config"; then ########## BEGIN -cat >> "$SSH_HOME/config" <<-EOF + cat >> "$SSH_HOME/config" <<-EOF ${SSH_STRING} HostName ${FQDN} diff --git a/deployment/deployment_defaults.sh b/deployment/deployment_defaults.sh old mode 100644 new mode 100755 diff --git a/deployment/remote.sh b/deployment/remote.sh index 9e984d7..17f00f9 100755 --- a/deployment/remote.sh +++ b/deployment/remote.sh @@ -222,7 +222,7 @@ if wait-for-it -t 20 "$FQDN:8443"; then lxc remote add "$REMOTE_NAME" "$FQDN" --password="$LXD_REMOTE_PASSWORD" --protocol=lxd --auth-type=tls --accept-certificate lxc remote switch "$REMOTE_NAME" - echo "INFO: You have create a new remote named '$REMOTE_NAME'. Your lxc client is now target it." + echo "INFO: A new remote named '$REMOTE_NAME' has been created. Your LXC client has been switched to it." else echo "ERROR: Could not detect the LXD endpoint. Something went wrong." exit 1 @@ -251,5 +251,7 @@ if ! lxc storage list --format csv | grep -q ss-base; then # done else - echo "WARNING! The host '$FQDN' appears to have Sovereign Stack worksloads already provisioned. Proceed with care." + echo "WARNING! The host '$FQDN' appears to have Sovereign Stack worksloads already provisioned." + echo "INFO: Here are your current Deployments." + lxc project list -q fi diff --git a/deployment/stub_lxc_profile.sh b/deployment/stub_lxc_profile.sh index 9201c9a..b76fe79 100755 --- a/deployment/stub_lxc_profile.sh +++ b/deployment/stub_lxc_profile.sh @@ -135,6 +135,9 @@ EOF { "registry-mirrors": [ "${REGISTRY_URL}" + ], + "labels": [ + "PROJECT_COMMIT=${PROJECT_GIT_COMMIT}" ] } diff --git a/deployment/target.sh b/deployment/target.sh new file mode 100755 index 0000000..dee394d --- /dev/null +++ b/deployment/target.sh @@ -0,0 +1,3 @@ +#!/bin/bash + +export TARGET_PROJECT_GIT_COMMIT=7da3f29f42d20fe56f67362fac210dcd1ab863b0 \ No newline at end of file diff --git a/deployment/up.sh b/deployment/up.sh index b3f66c6..1f70db2 100755 --- a/deployment/up.sh +++ b/deployment/up.sh @@ -34,7 +34,7 @@ if lxc remote get-default | grep -q "production"; then fi - +OTHER_SITES_LIST= PRIMARY_DOMAIN= RUN_CERT_RENEWAL=true SKIP_BASE_IMAGE_CREATION=false @@ -151,10 +151,6 @@ export RESTORE_CERTS="$RESTORE_CERTS" # todo convert this to Trezor-T SSH_PUBKEY_PATH="$SSH_HOME/id_rsa.pub" export SSH_PUBKEY_PATH="$SSH_PUBKEY_PATH" -if [ ! -f "$SSH_PUBKEY_PATH" ]; then - # generate a new SSH key for the base vm image. - ssh-keygen -f "$SSH_HOME/id_rsa" -t ecdsa -b 521 -N "" -fi # ensure our remote path is created. mkdir -p "$REMOTE_PATH" @@ -192,7 +188,7 @@ function stub_site_definition { # stub out a site.conf with new passwords. cat >"$SITE_DEFINITION_PATH" <"$PROJECT_DEFINITION_PATH" < /home/ubuntu/.ss-githead" else echo "INFO: Skipping www VM." fi @@ -432,8 +427,6 @@ export DOMAIN_NAME="$PRIMARY_DOMAIN" export SITE_PATH="$SITES_PATH/$DOMAIN_NAME" if [ "$SKIP_BTCPAY" = false ]; then ./project/btcpayserver/go.sh - - ssh ubuntu@"$BTCPAY_FQDN" "echo $LATEST_GIT_COMMIT > /home/ubuntu/.ss-githead" else echo "INFO: Skipping the btcpayserver VM." fi \ No newline at end of file diff --git a/deployment/update.sh b/deployment/update.sh index e0cba52..11631a1 100755 --- a/deployment/update.sh +++ b/deployment/update.sh @@ -49,7 +49,7 @@ for VM in www btcpayserver; do # if the VM doesn't exist, the we emit an error message and hard quit. if ! lxc list --format csv | grep -q "$LXD_NAME"; then - echo "ERROR: there is no VM named '$LXD_NAME'. You probably need to run ss-deploy again." + echo "ERROR: there is no VM named '$LXD_NAME'. You probably need to run ss-up again." exit 1 fi done diff --git a/install.sh b/install.sh index 73e36b8..4d0affd 100755 --- a/install.sh +++ b/install.sh @@ -219,3 +219,17 @@ fi if [ "$ADDED_COMMAND" = true ]; then echo "NOTICE! You need to run 'source ~/.bashrc' before continuing. After that, type 'ss-manage' to enter your management environment." fi + +. ./deployment/target.sh + +# As part of the install script, we pull down any other sovereign-stack git repos +PROJECTS_SCRIPTS_REPO_URL="https://git.sovereign-stack.org/ss/project" +PROJECTS_SCRIPTS_PATH="$(pwd)/deployment/project" +if [ ! -d "$PROJECTS_SCRIPTS_PATH" ]; then + git clone "$PROJECTS_SCRIPTS_REPO_URL" "$PROJECTS_SCRIPTS_PATH" +else + cd "$PROJECTS_SCRIPTS_PATH" + git -c advice.detachedHead=false pull origin main + git checkout "$TARGET_PROJECT_GIT_COMMIT" + cd - +fi \ No newline at end of file diff --git a/management/bash_aliases b/management/bash_aliases old mode 100755 new mode 100644 diff --git a/management/bash_profile b/management/bash_profile old mode 100755 new mode 100644 diff --git a/update.sh b/update.sh old mode 100644 new mode 100755