Compare commits
25 Commits
| Author | SHA1 | Date | |
|---|---|---|---|
| e40b900750 | |||
| ae83abef53 | |||
| 0e05eaa531 | |||
|
8c345020f7 | ||
|
|
10a6bc704c | ||
|
|
ba921a53a2 | ||
|
|
7bb96a1863 | ||
|
|
d0f65b8841 | ||
|
|
72e14d7199 | ||
|
|
566aed3752 | ||
| 3ab1b3ff54 | |||
| dafd8f345a | |||
|
|
56e2f6f05d | ||
|
|
e343bc2cb5 | ||
|
|
6d267dfd04 | ||
|
|
b049833844 | ||
| fbf15c52b5 | |||
| 3e1fee6022 | |||
|
|
27c5be7964 | ||
|
|
7b2ac2e56a | ||
| 9407f7caaf | |||
| 12cfe301e3 | |||
|
|
c2a1fbd9d8 | ||
|
|
d43536b67b | ||
|
|
da5521295d |
@@ -2,14 +2,24 @@
|
||||
|
||||
cd /scripts
|
||||
DEBUG_MODE=${DEBUG_MODE:-false}
|
||||
VERSION=1.1.0
|
||||
|
||||
# Set installed version number
|
||||
echo '{}' | jq --arg VERSION "$VERSION" '.VERSION = $VERSION' > /var/tmp/shared/output/version.json
|
||||
############################
|
||||
VERSION="1.1.1"
|
||||
|
||||
#DOCKER_REGISTRY_URL=${DOCKER_REGISTRY_URL:-registry.format.hu}
|
||||
DOCKER_REGISTRY_URL=${DOCKER_REGISTRY_URL:-safebox}
|
||||
DOCKER_REGISTRY_USERNAME=$DOCKER_REGISTRY_USERNAME
|
||||
DOCKER_REGISTRY_PASSWORD=$DOCKER_REGISTRY_PASSWORD
|
||||
|
||||
if [ -n "$DOCKER_REGISTRY_USERNAME" ] && [ -n "$DOCKER_REGISTRY_PASSWORD" ]; then
|
||||
echo "Logging in to Docker registry $DOCKER_REGISTRY_URL"
|
||||
echo "$DOCKER_REGISTRY_PASSWORD" | docker login $DOCKER_REGISTRY_URL --username $DOCKER_REGISTRY_USERNAME --password-stdin
|
||||
DOCKER_REGISTRY_ENVS="--env DOCKER_REGISTRY_USERNAME=$DOCKER_REGISTRY_USERNAME --env DOCKER_REGISTRY_PASSWORD=$DOCKER_REGISTRY_PASSWORD"
|
||||
|
||||
else
|
||||
echo "No Docker registry credentials provided, skipping login."
|
||||
fi
|
||||
|
||||
|
||||
USER_INIT_PATH=$USER_INIT_PATH
|
||||
GLOBAL_VERSION=${GLOBAL_VERSION:-latest}
|
||||
SERVICE_DIR=${SERVICE_DIR:-/etc/user/config/services}
|
||||
@@ -24,6 +34,14 @@ FRAMEWORK_SCHEDULER_NETWORK_SUBNET=${FRAMEWORK_SCHEDULER_NETWORK_SUBNET:-"172.19
|
||||
FRAMEWORK_SCHEDULER_VERSION=${FRAMEWORK_SCHEDULER_VERSION:-latest}
|
||||
RUN_FORCE=${RUN_FORCE:-false}
|
||||
|
||||
if [ "$DEBUG_MODE" == "true" ]; then
|
||||
DOCKER_START="--entrypoint=sh $DOCKER_REGISTRY_URL/$FRAMEWORK_SCHEDULER_IMAGE:$FRAMEWORK_SCHEDULER_VERSION -c 'sleep 86400'"
|
||||
SET_DEBUG_MODE="--env DEBUG_MODE=true"
|
||||
else
|
||||
DOCKER_START="$DOCKER_REGISTRY_URL/$FRAMEWORK_SCHEDULER_IMAGE:$FRAMEWORK_SCHEDULER_VERSION"
|
||||
SET_DEBUG_MODE=""
|
||||
fi
|
||||
|
||||
WEB_SERVER=${WEB_SERVER:-webserver}
|
||||
WEB_IMAGE=${WEB_IMAGE:-web-installer}
|
||||
WEBSERVER_PORT=${WEBSERVER_PORT:-8080}
|
||||
@@ -85,6 +103,8 @@ $VOLUME_MOUNTS \
|
||||
--env SETUP_VERSION=$SETUP_VERSION \
|
||||
--env GLOBAL_VERSION=$GLOBAL_VERSION \
|
||||
--env HOST_FILE=$HOST_FILE \
|
||||
$SET_DEBUG_MODE \
|
||||
$DOCKER_REGISTRY_ENVS \
|
||||
$DOCKER_REGISTRY_URL$SETUP:$SETUP_VERSION"
|
||||
|
||||
DEBUG=1
|
||||
@@ -103,8 +123,10 @@ add_json_target(){
|
||||
if [ -n "$TASK_NAME" ]; then
|
||||
TASK="upgrade-$TASK_NAME"
|
||||
fi
|
||||
|
||||
install -m 664 -g 65534 /dev/null $SHARED/output/$TASK.json
|
||||
|
||||
if [ ! -f $SHARED/output/$TASK.json ]; then
|
||||
install -m 664 -g 65534 /dev/null $SHARED/output/$TASK.json
|
||||
fi
|
||||
echo $JSON_TARGET | base64 -d >$SHARED/output/$TASK.json
|
||||
}
|
||||
|
||||
@@ -116,11 +138,13 @@ backup_query_state() {
|
||||
|
||||
generate_backup_server_secrets () {
|
||||
|
||||
mkdir -p $SECRET_DIR/backup/server
|
||||
|
||||
echo '{
|
||||
"backupserver":{
|
||||
"SSH_USER":"'$SSH_USER'",
|
||||
"SSH_PORT":"'$SSH_PORT'",
|
||||
"SSH_PASSWORD":"'$SSH_PASSWORD'"
|
||||
"SSH_PASSWORD":"'$SSH_PASSWORD'",
|
||||
"PASSWORD":"'$PASSWORD'",
|
||||
"PERIOD":"'$PERIOD'",
|
||||
"COMPRESSION":"'$COMPRESSION'",
|
||||
@@ -129,7 +153,7 @@ generate_backup_server_secrets () {
|
||||
"BACKUP_LOCAL_CLIENTS":"'$BACKUP_LOCAL_CLIENTS'",
|
||||
"BACKUP_VPN_CLIENTS":"'$BACKUP_VPN_CLIENTS'"
|
||||
}
|
||||
}' | jq -r . > /etc/user/secret/backup/server/backup.json
|
||||
}' | jq -r . > $SECRET_DIR/backup/server/backup.json
|
||||
}
|
||||
|
||||
create_backup_service () {
|
||||
@@ -157,7 +181,7 @@ create_backup_service () {
|
||||
}
|
||||
],
|
||||
"ENTRYPOINT": "sh -c",
|
||||
"CMD": "mkdir -p /etc/user/data/backup/server/",
|
||||
"CMD": "mkdir -p /etc/user/data/backup/server/ssh",
|
||||
"POST_START": []
|
||||
},
|
||||
{
|
||||
@@ -182,15 +206,16 @@ create_backup_service () {
|
||||
"DEST": "/etc/user/secret/",
|
||||
"TYPE": "ro"
|
||||
},
|
||||
{
|
||||
"SOURCE": "/etc/user/data/backup/server/ssh",
|
||||
"DEST": "/home/'$SSH_USER'/",
|
||||
"TYPE": "rw"
|
||||
}
|
||||
],
|
||||
"ENV_FILES":["/etc/user/secret/backup/server/backup.json"],
|
||||
'$ADDITIONAL'
|
||||
'$ADDITIONAL',
|
||||
"POST_START": []
|
||||
},
|
||||
}
|
||||
]
|
||||
}'
|
||||
# create backup server secrets from variables
|
||||
@@ -211,9 +236,9 @@ backup_set_service() {
|
||||
local BACKUP_VPN_CLIENTS="$8"
|
||||
|
||||
local VPN="$9"
|
||||
local SSH_PORT="${10}"
|
||||
local SSH_USER="${11}"
|
||||
local SSH_PASSWORD="${12}"
|
||||
local SSH_PORT="${10:-20022}"
|
||||
local SSH_USER="${11:-"backup"}"
|
||||
local SSH_PASSWORD="${12:-"backup"}"
|
||||
local OPERATION="${13}"
|
||||
|
||||
if [ "$OPERATION" == "DELETE" ]; then
|
||||
@@ -268,9 +293,9 @@ backup_set_client() {
|
||||
local NAME="$1"
|
||||
local SIZE="$2"
|
||||
local VPN="$3"
|
||||
local SSH_PORT="$4"
|
||||
local SSH_USER="$5"
|
||||
local SSH_PASSWORD="$6"
|
||||
local SSH_PORT="${4:-20022}"
|
||||
local SSH_USER="${5:-"backup"}"
|
||||
local SSH_PASSWORD="${6:-"backup"}"
|
||||
local OPERATION="$7"
|
||||
local VPN_KEY="$8"
|
||||
|
||||
@@ -323,7 +348,7 @@ backup_set_client() {
|
||||
}
|
||||
],
|
||||
"ENTRYPOINT": "sh -c",
|
||||
"CMD": "mkdir -p /etc/user/data/backup/clients/'$NAME'/backup && mkdir -p /etc/user/data/backup/clients/'$NAME'/ssh",
|
||||
"CMD": "mkdir -p /etc/user/data/backup/clients/'$NAME'/backup && mkdir -p /etc/user/data/backup/clients/'$NAME'/ssh && chmod -R '$SSH_USER':'$SSH_USER' /etc/user/data/backup/clients/'$NAME'",
|
||||
"POST_START": []
|
||||
},
|
||||
{
|
||||
@@ -338,13 +363,12 @@ backup_set_client() {
|
||||
"VOLUMES":[
|
||||
{
|
||||
"SOURCE": "/etc/user/data/backup/clients/'$NAME'/backup",
|
||||
"DEST": "/backup",
|
||||
"TYPE": "rw"
|
||||
},
|
||||
{
|
||||
"SOURCE": "/etc/user/data/backup/clients/'$NAME'/ssh",
|
||||
"DEST": "/home/'$SSH_USER'/",
|
||||
"TYPE": "rw"
|
||||
"DEST": "/home/'$SSH_USER'/backup",
|
||||
"TYPE": "rw"
|
||||
},
|
||||
{
|
||||
"SOURCE": "/etc/user/data/backup/clients/'$NAME'/ssh",
|
||||
"DEST": "/home/'$SSH_USER'/.ssh",
|
||||
}
|
||||
],
|
||||
"POST_START": []
|
||||
@@ -352,8 +376,8 @@ backup_set_client() {
|
||||
]
|
||||
}' | jq -r . >/etc/user/config/services/service-backup-client-$NAME.json
|
||||
|
||||
debug "service-backup-client-$NAME.json stop force dns-remove"
|
||||
$service_exec service-backup-client-$NAME.json start &
|
||||
debug "service-backup-client-$NAME.json start info"
|
||||
$service_exec service-backup-client-$NAME.json start info &
|
||||
|
||||
fi
|
||||
|
||||
@@ -512,6 +536,10 @@ get_repositories() {
|
||||
local TREES=""
|
||||
local REPO
|
||||
|
||||
if [ ! -f "/etc/user/config/repositories.json" ]; then
|
||||
create_repositories_json
|
||||
fi
|
||||
|
||||
REPOS=$(jq -r .repositories[] /etc/user/config/repositories.json) # list of repos, delimiter by space
|
||||
for REPO in $REPOS; do
|
||||
|
||||
@@ -520,7 +548,8 @@ get_repositories() {
|
||||
GIT_HTTP_CONNECT_TIMEOUT=10 GIT_HTTP_TIMEOUT=30 git clone $REPO /tmp/$BASE >/dev/null
|
||||
else
|
||||
cd /tmp/$BASE
|
||||
GIT_HTTP_CONNECT_TIMEOUT=10 GIT_HTTP_TIMEOUT=30 git pull >/dev/null
|
||||
date >> /tmp/pull.log
|
||||
GIT_HTTP_CONNECT_TIMEOUT=10 GIT_HTTP_TIMEOUT=30 git pull >> /tmp/pull.log
|
||||
fi
|
||||
if [ -f "/tmp/$BASE/applications-tree.json" ]; then
|
||||
TREES=$TREES" /tmp/$BASE/applications-tree.json"
|
||||
@@ -864,14 +893,6 @@ upgrade_scheduler() {
|
||||
debug "Upgrading framework scheduler..."
|
||||
/usr/bin/docker pull "$DOCKER_REGISTRY_URL/$FRAMEWORK_SCHEDULER_IMAGE:$FRAMEWORK_SCHEDULER_VERSION"
|
||||
|
||||
if [ "$DEBUG_MODE" == "true" ]; then
|
||||
DOCKER_START="--entrypoint=sh $DOCKER_REGISTRY_URL/$FRAMEWORK_SCHEDULER_IMAGE:$FRAMEWORK_SCHEDULER_VERSION -c 'sleep 86400'"
|
||||
SET_DEBUG_MODE="--env DEBUG_MODE=true"
|
||||
else
|
||||
DOCKER_START="$DOCKER_REGISTRY_URL/$FRAMEWORK_SCHEDULER_IMAGE:$FRAMEWORK_SCHEDULER_VERSION"
|
||||
SET_DEBUG_MODE=""
|
||||
fi
|
||||
|
||||
FRAMEWORK_SCHEDULER_NAME="$FRAMEWORK_SCHEDULER_NAME-$(head /dev/urandom | tr -dc '0-9' | head -c 6)"
|
||||
|
||||
DOCKER_RUN="/usr/bin/docker run -d \
|
||||
@@ -885,12 +906,14 @@ upgrade_scheduler() {
|
||||
-v USER_SECRET:/etc/user/secret \
|
||||
--restart=always \
|
||||
--name $FRAMEWORK_SCHEDULER_NAME \
|
||||
$DOCKER_REGISTRY_ENVS \
|
||||
$SET_DEBUG_MODE \
|
||||
--env WEBSERVER_PORT=$WEBSERVER_PORT \
|
||||
--network $FRAMEWORK_SCHEDULER_NETWORK \
|
||||
--env RUN_FORCE=$RUN_FORCE \
|
||||
--env DOCKER_REGISTRY_URL=$DOCKER_REGISTRY_URL \
|
||||
$DOCKER_START"
|
||||
echo "DOCKER RUN: $DOCKER_RUN"
|
||||
eval "$DOCKER_RUN"
|
||||
}
|
||||
|
||||
@@ -1242,15 +1265,17 @@ execute_task() {
|
||||
|
||||
VPN_STATUS="0"
|
||||
VPN_RESULT=""
|
||||
CONTAINERS=$(docker ps -a --format '{{.Names}} {{.Status}}' | grep -w wireguardproxy)
|
||||
if [ "$CONTAINERS" != "" ]; then
|
||||
UP=$(echo $CONTAINERS | grep -w 'Up')
|
||||
if [ "$UP" != "" ]; then
|
||||
VPN_STATUS="2"
|
||||
else
|
||||
VPN_STATUS="1"
|
||||
if [ -f $SECRET_DIR/vpn-proxy/wg0.conf ]; then
|
||||
CONTAINERS=$(docker ps -a --format '{{.Names}} {{.Status}}' | grep -w wireguardproxy)
|
||||
if [ "$CONTAINERS" != "" ]; then
|
||||
UP=$(echo $CONTAINERS | grep -w 'Up')
|
||||
if [ "$UP" != "" ]; then
|
||||
VPN_STATUS="1"
|
||||
else
|
||||
VPN_STATUS="2"
|
||||
fi
|
||||
VPN_RESULT=$(echo "$CONTAINERS" | base64 -w0)
|
||||
fi
|
||||
VPN_RESULT=$(echo "$CONTAINERS" | base64 -w0)
|
||||
fi
|
||||
JSON_TARGET=$(echo '{ "DATE": "'$DATE'", "STATUS": "'$VPN_STATUS'", "RESULT": "'$VPN_RESULT'" }' | jq -r . | base64 -w0)
|
||||
|
||||
@@ -1339,7 +1364,7 @@ execute_task() {
|
||||
JSON="$(echo $B64_JSON | base64 -d)"
|
||||
NAME=$(echo "$JSON" | jq -r .NAME | awk '{print tolower($0)}')
|
||||
if [ "$NAME" == "framework" ]; then
|
||||
JSON_TARGET=$(echo '{"DATE":"'$DATE'","INSTALL_STATUS":0}' | jq -r . | base64 -w0)
|
||||
JSON_TARGET=$(echo '{"DATE":"'$DATE'","STATUS":1}' | jq -r . | base64 -w0)
|
||||
add_json_target $NAME
|
||||
echo "Upgrading service: webserver"
|
||||
upgrade webserver
|
||||
@@ -1352,11 +1377,13 @@ execute_task() {
|
||||
|
||||
upgrade_scheduler
|
||||
echo "Removing old framework scheduler container..."
|
||||
JSON_TARGET=$(echo '{"DATE":"'$DATE'","INSTALL_STATUS":1,"VERSION":'$VERSION'}' | jq -r . | base64 -w0)
|
||||
JSON_TARGET=$(echo '{"DATE":"'$DATE'","STATUS":2,"VERSION":"'$VERSION'"}' | jq -r . | base64 -w0)
|
||||
add_json_target $NAME
|
||||
sleep 1
|
||||
/usr/bin/docker rm -f $HOSTNAME
|
||||
|
||||
JSON_TARGET="" # do not create upgrade.json
|
||||
|
||||
#CONTAINERS=$(docker ps -a --format '{{.Names}} {{.Status}}' | grep -E 'framework-scheduler|webserver')
|
||||
else
|
||||
echo "Upgrading service: $NAME"
|
||||
@@ -1496,7 +1523,13 @@ DATE=$(date +%F-%H-%M-%S)
|
||||
DIR=$SHARED/input
|
||||
|
||||
# Triggers by certificate or domain config changes
|
||||
# Set installed version number
|
||||
echo '{}' | jq --arg VERSION "$VERSION" '.VERSION = $VERSION' > $SHARED/output/version.json
|
||||
############################
|
||||
|
||||
if [ "$DEBUG_MODE" == "true" ]; then
|
||||
rm $DIR/*
|
||||
fi
|
||||
unset IFS
|
||||
|
||||
inotifywait --exclude "\.(swp|tmp)" -m -e CREATE,CLOSE_WRITE,DELETE,MOVED_TO -r $DIR |
|
||||
|
||||
Reference in New Issue
Block a user