From ef05ce2a604dccbe729a2d7d8742a4babc0b7fb5 Mon Sep 17 00:00:00 2001 From: gyurix Date: Sat, 15 Mar 2025 10:07:23 +0100 Subject: [PATCH] Add upgrade functionality to scheduler and refactor upgrade script --- scripts/scheduler/entrypoint.sh | 48 ++++++++++++------ scripts/scheduler/upgrade.sh | 86 +++++++++++++++++++++++++++++++-- 2 files changed, 114 insertions(+), 20 deletions(-) diff --git a/scripts/scheduler/entrypoint.sh b/scripts/scheduler/entrypoint.sh index d988a11..bcaf092 100644 --- a/scripts/scheduler/entrypoint.sh +++ b/scripts/scheduler/entrypoint.sh @@ -499,6 +499,28 @@ check_update() { fi } +upgrade_scheduler() { + + DOCKER_START="--entrypoint=sh $DOCKER_REGISTRY_URL/$FRAMEWORK_SCHEDULER_IMAGE:$FRAMEWORK_SCHEDULER_VERSION -c '/scripts/upgrade.sh'" + + DOCKER_RUN="/usr/bin/docker run -d \ + -v SHARED:/var/tmp/shared \ + -v /var/run/docker.sock:/var/run/docker.sock \ + -v SYSTEM_DATA:/etc/system/data \ + -v SYSTEM_CONFIG:/etc/system/config \ + -v SYSTEM_LOG:/etc/system/log \ + -v USER_DATA:/etc/user/data \ + -v USER_CONFIG:/etc/user/config \ + -v USER_SECRET:/etc/user/secret \ + --restart=always \ + --name $FRAMEWORK_SCHEDULER_NAME \ + --env WEBSERVER_PORT=$WEBSERVER_PORT \ + --network $FRAMEWORK_SCHEDULER_NETWORK \ + --env RUN_FORCE=$RUN_FORCE \ + $DOCKER_START" + eval "$DOCKER_RUN" +} + execute_task() { TASK="$1" B64_JSON="$2" @@ -784,18 +806,18 @@ execute_task() { elif [ "$TASK_NAME" == "check_vpn" ]; then - VPN_STATUS="0"; - VPN_RESULT=""; + VPN_STATUS="0" + VPN_RESULT="" CONTAINERS=$(docker ps -a --format '{{.Names}} {{.Status}}' | grep -w wireguardproxy) if [ "$CONTAINERS" != "" ]; then - UP=$(echo $CONTAINERS | grep -w 'Up') - if [ "$UP" != "" ]; then - VPN_STATUS="2"; - else - VPN_STATUS="1"; - fi; - VPN_RESULT=$(echo "$CONTAINERS" | base64 -w0) - fi; + UP=$(echo $CONTAINERS | grep -w 'Up') + if [ "$UP" != "" ]; then + VPN_STATUS="2" + else + VPN_STATUS="1" + fi + VPN_RESULT=$(echo "$CONTAINERS" | base64 -w0) + fi JSON_TARGET=$(echo '{ "DATE": "'$DATE'", "STATUS": "'$VPN_STATUS'", "RESULT": "'$VPN_RESULT'" }' | jq -r . | base64 -w0) elif [ "$TASK_NAME" == "save_vpn" ]; then @@ -824,11 +846,7 @@ execute_task() { RESULT=$(echo "$CONTAINERS" | base64 -w0) JSON_TARGET=$(echo '{ "DATE": "'$DATE'", "RESULT": "'$RESULT'" }' | jq -r . | base64 -w0) elif [ "$TASK_NAME" == "upgrade" ]; then - JSON_TARGET=$(echo '{ "DATE": "'$DATE'", "UPGRADE_STATUS": "0" }' | jq -r . | base64 -w0) # install has started - install -m 664 -g 65534 /dev/null $SHARED/output/$TASK.json - echo $JSON_TARGET | base64 -d >$SHARED/output/$TASK.json - sh /scripts/upgrade.sh "$B64_JSON" "$service_exec" "true" "$GLOBAL_VERSION" - JSON_TARGET=$(echo '{ "DATE": "'$DATE'", "UPGRADE_STATUS": "'$UPGRADE_STATUS'" }' | jq -r . | base64 -w0) + upgrade_scheduler & fi debug "JSON_TARGET: $JSON_TARGET" diff --git a/scripts/scheduler/upgrade.sh b/scripts/scheduler/upgrade.sh index 50ce766..62909a3 100755 --- a/scripts/scheduler/upgrade.sh +++ b/scripts/scheduler/upgrade.sh @@ -1,9 +1,85 @@ #!/bin/sh -B64_JSON=$1 -SERVICE_EXEC=$2 -GLOBAL_VERSION=$4 +#! /bin/sh -for SERVICE in $(echo $B64_JSON | base64 -d | jq -r 'keys[]'); do +cd /scripts +DEBUG_MODE=${DEBUG_MODE:-false} -done +DATE=$(date +%F-%H-%M-%S) + +#DOCKER_REGISTRY_URL=${DOCKER_REGISTRY_URL:-registry.format.hu} +DOCKER_REGISTRY_URL=${DOCKER_REGISTRY_URL:-safebox} +USER_INIT_PATH=$USER_INIT_PATH +GLOBAL_VERSION=${GLOBAL_VERSION:-latest} +SERVICE_DIR=${SERVICE_DIR:-/etc/user/config/services} +SECRET_DIR=${SECRET_DIR:-/etc/user/secret} + +SHARED=${SHARED:-/var/tmp/shared} + +FRAMEWORK_SCHEDULER_IMAGE=${FRAMEWORK_SCHEDULER_IMAGE:-framework-scheduler} +FRAMEWORK_SCHEDULER_NAME=${FRAMEWORK_SCHEDULER_NAME:-framework-scheduler} +FRAMEWORK_SCHEDULER_NETWORK=${FRAMEWORK_SCHEDULER_NETWORK:-framework-network} +FRAMEWORK_SCHEDULER_NETWORK_SUBNET=${FRAMEWORK_SCHEDULER_NETWORK_SUBNET:-"172.19.255.0/24"} +FRAMEWORK_SCHEDULER_VERSION=${FRAMEWORK_SCHEDULER_VERSION:-latest} +RUN_FORCE=${RUN_FORCE:-false} + +WEB_SERVER=${WEB_SERVER:-webserver} +WEB_IMAGE=${WEB_IMAGE:-web-installer} +WEBSERVER_PORT=${WEBSERVER_PORT:-8080} +WEBSERVER_VERSION=${WEBSERVER_VERSION:-latest} + +if [[ -n "$DOCKER_REGISTRY_URL" && "$DOCKER_REGISTRY_URL" != "null" ]]; then + SETUP="/setup" +else + SETUP="setup" + DOCKER_REGISTRY_URL="" +fi + +SETUP_VERSION=${SETUP_VERSION:-$GLOBAL_VERSION} + +# $DNS_PATH \ +#$CA_FILE \ +DNS_DIR="/etc/system/data/dns" +DNS="--env DNS_DIR=$DNS_DIR" +DNS_PATH="--volume $DNS_DIR:/etc/system/data/dns:rw" +HOST_FILE=$DNS_DIR"/hosts.local" +mkdir -p $DNS_DIR +touch $HOST_FILE + +mkdir -p /etc/system/data/ssl/certs +mkdir -p /etc/system/data/ssl/keys + +CA_PATH=/etc/system/data/ssl/certs +CA="--env CA_PATH=$CA_PATH" +CA_FILE="--volume $CA_PATH:$CA_PATH:ro" +mkdir -p $CA_PATH + +VOLUME_MOUNTS="-v SYSTEM_DATA:/etc/system/data -v SYSTEM_CONFIG:/etc/system/config -v SYSTEM_LOG:/etc/system/log -v USER_DATA:/etc/user/data -v USER_CONFIG:/etc/user/config -v USER_SECRET:/etc/user/secret" + +service_exec="/usr/bin/docker run --rm \ +$DNS \ +$CA \ +-w /etc/user/config/services/ \ +$VOLUME_MOUNTS \ +-v /var/run/docker.sock:/var/run/docker.sock \ +--env VOLUME_MOUNTS="$(echo $VOLUME_MOUNTS | base64 -w0)" \ +--env DOCKER_REGISTRY_URL=$DOCKER_REGISTRY_URL \ +--env SETUP_VERSION=$SETUP_VERSION \ +--env GLOBAL_VERSION=$GLOBAL_VERSION \ +--env HOST_FILE=$HOST_FILE \ +$DOCKER_REGISTRY_URL$SETUP:$SETUP_VERSION" + +SHARED=${SHARED:-/var/tmp/shared} +TASK="scheduler-upgrade" + +JSON_TARGET=$(echo '{ "DATE": "'$DATE'", "UPGRADE_STATUS": "0" }' | jq -r . | base64 -w0) # install has started +install -m 664 -g 65534 /dev/null $SHARED/output/$TASK.json +echo $JSON_TARGET | base64 -d >$SHARED/output/$TASK.json + +/usr/bin/docker rm -f framework-scheduler +$service_exec service-framework.containers.framework-scheduler start + +JSON_TARGET=$(echo '{ "DATE": "'$DATE'", "UPGRADE_STATUS": "1" }' | jq -r . | base64 -w0) +echo $JSON_TARGET | base64 -d >$SHARED/output/$TASK.json + +/usr/bin/docker rm -f $HOSTNAME