1
1
sovereign-stack/domain_init.sh
2021-12-25 13:43:01 -05:00

94 lines
3.0 KiB
Bash
Executable File

#!/bin/bash
set -exuo nounset
cd "$(dirname "$0")"
# let's make sure we have an ssh keypair. We just use ~/.ssh/id_rsa
if [ ! -f "$SSH_HOME/id_rsa" ]; then
# generate a new SSH key for the base vm image.
ssh-keygen -f "$SSH_HOME/id_rsa" -t ecdsa -b 521 -N ""
fi
# if an authorized_keys file does not exist, we'll stub one out with the current user.
# add additional id_rsa.pub entries manually for more administrative logins.
if [ ! -f "$SITE_PATH/authorized_keys" ]; then
cat "$SSH_HOME/id_rsa.pub" >> "$SITE_PATH/authorized_keys"
fi
## This is a weird if clause since we need to LEFT-ALIGN the statement below.
SSH_STRING="Host ${FQDN}"
if ! grep -q "$SSH_STRING" "$SSH_HOME/config"; then
########## BEGIN
cat >> "$SSH_HOME/config" <<-EOF
${SSH_STRING}
HostName ${FQDN}
User ubuntu
EOF
###
fi
# when set to true, this flag indicates that a new VPS was created during THIS script run.
if [ "$VPS_HOSTING_TARGET" = aws ]; then
# let's create the remote VPS if needed.
if ! docker-machine ls -q --filter name="$FQDN" | grep -q "$FQDN"; then
RUN_BACKUP=false
./provision_vps.sh
./prepare_vps_host.sh
fi
elif [ "$VPS_HOSTING_TARGET" = lxd ]; then
ssh-keygen -f "$SSH_HOME/known_hosts" -R "$FQDN"
#check to ensure the MACVLAN interface has been set by the user
if [ -z "$DEV_MACVLAN_INTERFACE" ]; then
echo "ERROR: DEV_MACVLAN_INTERFACE has not been defined. Use '--macvlan-interface=eno1' for example."
exit 1
fi
# let's first check to ensure there's a cert.tar.gz. We need a valid cert for testing.
if [ ! -f "$SITE_PATH/certs.tar.gz" ]; then
echo "ERROR: We need a valid cert for testing. Please use the '--app=certonly' first."
exit
fi
# if the machine doesn't exist, we create it.
if ! lxc list --format csv | grep -q "$LXD_VM_NAME"; then
RUN_BACKUP=false
# create a base image if needed and instantiate a VM.
./provision_lxc.sh
fi
# prepare the VPS to support our applications and backups and stuff.
./prepare_vps_host.sh
fi
# clear
# this tells our local docker client to target the remote endpoint via SSH
export DOCKER_HOST="ssh://ubuntu@$FQDN"
# the following scripts take responsibility for the rest of the provisioning depending on the app you're deploying.
if [ "$APP_TO_DEPLOY" = www ]; then
./go_www.sh
elif [ "$APP_TO_DEPLOY" = btcpay ]; then
./go_btcpay.sh
elif [ "$APP_TO_DEPLOY" = certonly ]; then
# renew the certs; certbot takes care of seeing if we need to actually renew.
if [ "$RUN_CERT_RENEWAL" = true ]; then
./generate_certs.sh
fi
echo "INFO: Please run 'docker-machine rm -f $FQDN' to remove the remote VPS."
exit
else
echo "ERROR: APP_TO_DEPLOY not set correctly. Please refer to the documentation for allowable values."
exit
fi
echo "Successfull deployed '$DOMAIN_NAME' with git commit '$(cat ./.git/refs/heads/master)' VPS_HOSTING_TARGET=$VPS_HOSTING_TARGET; Latest git tag is $LATEST_GIT_TAG" >> "$SITE_PATH/debug.log"