This repository has been archived by the owner on Nov 23, 2024. It is now read-only.
-
Notifications
You must be signed in to change notification settings - Fork 0
/
Copy pathbootstrap.sh
executable file
·163 lines (134 loc) · 5.26 KB
/
bootstrap.sh
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
#!/bin/bash
#
# Skrypt ustawiający maszynę wirtualną wirtualną przez Vagranta przy `vagrant up`
# można go uruchamiać z shella `vagrant ssh`, aby przeładować wszystko - jest to
# przydatne przy modyfikacji plików dla systemd: .service, .timer i .socket
#
# Jest też wywoływany przy budowaniu kontenera Podmana na produkcję, wtedy
# z argumentem --prod
set -xeu
shopt -s nullglob
prod=0
if [[ $# -ge 1 && $1 == --prod ]]; then
prod=1
fi
# Na dockerze/podmanie przy konfiguracji systemd nie jest dostępne - nie działa `systemctl enable`
# można to obejść manualnie tworząc symlink w /etc/systemd/system/{target}.wants/{unit} do pliku z unitem
systemctl_enable() {
if [[ -d /run/systemd/system ]]; then
systemctl enable "$@"
else
if [[ $1 == --now ]]; then
shift
fi
local unit_name="$1"
local unit_file="/etc/systemd/system/$unit_name"
local wanted_by=$(< "$unit_file" sed 's/\s*#.*//' | awk -F'=' '/^\[.*\]$/{section=$0;next} section=="[Install]" { $1=""; print }')
local target
for target in $wanted_by; do
local target_path="/etc/systemd/system/${target}.wants/"
local symlink_path="$target_path/$unit_name"
local symlink_target="/etc/systemd/system/$unit_name"
mkdir -p "$target_path"
ln -s "$symlink_target" "$symlink_path"
done
fi
}
if ! ((prod)); then
# Allow login to root like to the vagrant user
mkdir -p /root/.ssh
cp /home/vagrant/.ssh/authorized_keys /root/.ssh/
chown root:root /root/.ssh /root/.ssh/authorized_keys
chmod 600 /root/.ssh /root/.ssh/authorized_keys
fi
# Do an apt-get update only if there wasn't one in the last 3 hours (makes vagrant provision faster)
if [ -z "$(find /var/cache/apt -maxdepth 0 -mmin -180)" ]; then
apt-get update
fi
apt-get install -y --no-install-recommends \
git wget gnupg ca-certificates less procps sudo mailutils htop gunicorn gawk \
python3 python3-flask python3-flask-login python3-psycopg2 python3-bcrypt python3-pip python3-tz python3-dateutil
if ! ((prod)); then
apt-get install -y --no-install-recommends postgresql postgresql-client
fi
# Install openresty if not already installed
if ! dpkg -l openresty &> /dev/null; then
# there's only ubuntu and debian
# nothing else exists
if lsb_release -a | grep -i -q ubuntu; then
wget -O - https://openresty.org/package/pubkey.gpg | sudo gpg --dearmor -o /usr/share/keyrings/openresty.gpg
echo "deb [arch=$(dpkg --print-architecture) signed-by=/usr/share/keyrings/openresty.gpg] http://openresty.org/package/ubuntu $(lsb_release -sc) main" | sudo tee /etc/apt/sources.list.d/openresty.list > /dev/null
apt-get update
apt-get -y install --no-install-recommends openresty
else
# debian
wget -O - https://openresty.org/package/pubkey.gpg | apt-key add - \
&& codename=`grep -Po 'VERSION="[0-9]+ \(\K[^)]+' /etc/os-release` \
&& echo "deb http://openresty.org/package/debian $codename openresty" | tee /etc/apt/sources.list.d/openresty.list \
&& apt-get update \
&& apt-get -y install --no-install-recommends openresty
fi
fi
unlink /etc/openresty/nginx.conf || true
ln -s /opt/sw/sw-openresty/nginx.conf /etc/openresty/nginx.conf
apt-get install -y openresty-opm
opm get 3scale/lua-resty-url
pip3 install furl
if ! ((prod)); then
rm -f /etc/postfix/{main.cf,password}
ln -s /opt/sw/sw-postfix/main.cf /etc/postfix/
cp /opt/sw/sw-postfix/password /etc/postfix/
postmap /etc/postfix/password # Can't do it on a symlink
systemctl enable --now postgresql || true
fi
for requirements_file in /opt/sw/*/requirements.txt; do
pip3 install -r "$requirements_file"
done
mkdir -p /opt/sw/{v,v-archive,poll,logs}
chown -R www-data:www-data /opt/sw/{v,poll,logs}
# Start up all systemd services
services_unit_files=( /opt/sw/*/*.{service,timer,socket} )
cp -t /etc/systemd/system/ -- "${services_unit_files[@]}"
if ! ((prod)); then
systemctl daemon-reload
fi
extra_services=()
if ! ((prod)); then
extra_services+=( openresty postfix )
fi
all_services=()
for service_unit_file in "${services_unit_files[@]}" "${extra_services[@]}"; do
all_services+=( "$(basename "$service_unit_file")" )
done
if (( prod )); then
for service_name in "${all_services[@]}"; do
systemctl_enable "$service_name"
done
else
for service_name in "${all_services[@]}"; do
{
if systemctl cat "$service_name" | grep -q '^\[Install\]'; then
if systemctl is-failed "$service_name" >/dev/null; then
systemctl reset-failed "$service_name"
fi
systemctl restart "$service_name" || true
systemctl enable --now "$service_name" || true
fi
} &
done
fi
make-script() {
echo "#!/bin/sh
$2" > "/usr/local/bin/$1"
chmod +x "/usr/local/bin/$1"
}
make-script sw-logs "journalctl -e -b $(printf -- '-u %q"*" ' "${extra_services[@]}") -u 'sw-*' --lines=all --follow"
make-script sw-status "systemctl status -l --no-pager --lines=100 $(printf '%q ' "${all_services[@]}")"
make-script sw-restart "systemctl reset-failed $(printf '%q ' "${all_services[@]}"); systemctl restart $(printf '%q ' "${all_services[@]}")"
if ! ((prod)); then
# Mount runtime directories as tmpfs so this works when ran on windows
for dir in /opt/sw/{poll,v,v-archive,logs}; do
mount -t tmpfs tmpfs "$dir" &
done
wait # wait for this "&" and previous one - when enabling systemd services
fi