changes & echo messages
parent
2d86500462
commit
6c63d16c0f
27
install.sh
27
install.sh
@ -21,33 +21,37 @@ export DEBIAN_FRONTEND=noninteractive
|
|||||||
|
|
||||||
source $SECRETS_PATH
|
source $SECRETS_PATH
|
||||||
|
|
||||||
|
echo "Keygen SSH keys for $SERVER_NAME..."
|
||||||
if [ -f ~/.ssh/id_ed25519 ]; then
|
if [ -f ~/.ssh/id_ed25519 ]; then
|
||||||
echo "SSH key already exists: ~/.ssh/id_ed25519"
|
echo "SSH key already exists: ~/.ssh/id_ed25519"
|
||||||
else
|
else
|
||||||
ssh-keygen -t ed25519 -C "$SERVER_NAME" -f ~/.ssh/id_ed25519 -N ""
|
ssh-keygen -t ed25519 -C "$SERVER_NAME" -f ~/.ssh/id_ed25519 -N ""
|
||||||
fi
|
fi
|
||||||
|
|
||||||
apt-get update -y install -y sshpass
|
echo "Install sshpass..."
|
||||||
|
apt-get update
|
||||||
|
apt-get install -y sshpass
|
||||||
|
|
||||||
# Install public SSH key from HOST to ORIGIN:
|
echo "Install public SSH key from HOST to ORIGIN..."
|
||||||
echo "Add public key to origin server..."
|
|
||||||
sshpass -p $SERVER_ORIGIN_PASSWORD ssh-copy-id -i ~/.ssh/id_ed25519.pub -o StrictHostKeyChecking=no $REMOTE_USER@$SERVER_ORIGIN_DOMAIN
|
sshpass -p $SERVER_ORIGIN_PASSWORD ssh-copy-id -i ~/.ssh/id_ed25519.pub -o StrictHostKeyChecking=no $REMOTE_USER@$SERVER_ORIGIN_DOMAIN
|
||||||
|
|
||||||
|
|
||||||
echo "Add public key to gitea app..."
|
echo "Add public SSH key to gitea app..."
|
||||||
SSH_PUBLIC_KEY=$(cat ~/.ssh/id_ed25519.pub)
|
SSH_PUBLIC_KEY=$(cat ~/.ssh/id_ed25519.pub)
|
||||||
|
|
||||||
# Get keys list from gitea API:
|
echo "Get SSH keys list from gitea API..."
|
||||||
keys=$(curl -X GET -H "Authorization: token $GITEA_API_ADD_SSH_KEY" "https://$GITEA_DOMAIN/api/v1/user/keys")
|
keys=$(curl -X GET -H "Authorization: token $GITEA_API_ADD_SSH_KEY" "https://$GITEA_DOMAIN/api/v1/user/keys")
|
||||||
|
|
||||||
# Search key:
|
echo "Search SSH key in gitea..."
|
||||||
existing_key_id=$(echo $keys | jq -r ".[] | select(.title == \"$SERVER_NAME\") | .id")
|
existing_key_id=$(echo $keys | jq -r ".[] | select(.title == \"$SERVER_NAME\") | .id")
|
||||||
|
|
||||||
# If finded, remove it:
|
echo "If already exist SSH key in gitea, remove it..."
|
||||||
if [ -n "$existing_key_id" ]; then
|
if [ -n "$existing_key_id" ]; then
|
||||||
curl -X DELETE -H "Authorization: token $GITEA_API_ADD_SSH_KEY" "https://$GITEA_DOMAIN/api/v1/user/keys/$existing_key_id"
|
curl -X DELETE -H "Authorization: token $GITEA_API_ADD_SSH_KEY" "https://$GITEA_DOMAIN/api/v1/user/keys/$existing_key_id"
|
||||||
|
echo "SSH key removed"
|
||||||
fi
|
fi
|
||||||
|
|
||||||
|
echo "Add new SSH public key in gitea..."
|
||||||
curl -X POST \
|
curl -X POST \
|
||||||
"https://$GITEA_DOMAIN/api/v1/user/keys" \
|
"https://$GITEA_DOMAIN/api/v1/user/keys" \
|
||||||
-H "Authorization: token $GITEA_API_ADD_SSH_KEY" \
|
-H "Authorization: token $GITEA_API_ADD_SSH_KEY" \
|
||||||
@ -58,24 +62,25 @@ curl -X POST \
|
|||||||
}"
|
}"
|
||||||
|
|
||||||
|
|
||||||
# Install utils from gitea origin:
|
echo "Install utils from gitea origin..."
|
||||||
cd /data
|
cd /data
|
||||||
echo "Connect to git repository on host: $GIT_SSH_DOMAIN"
|
echo "Connect to git repository on host: $GIT_SSH_DOMAIN"
|
||||||
echo "On username: $GIT_USER"
|
echo "On username: $GIT_USER"
|
||||||
git clone git@"$GIT_SSH_DOMAIN":"$GIT_USER"/utils.git
|
git clone git@"$GIT_SSH_DOMAIN":"$GIT_USER"/utils.git
|
||||||
cd /data/utils
|
cd /data/utils
|
||||||
|
|
||||||
# Run init-server:
|
|
||||||
echo "Run init-server.sh..."
|
echo "Run init-server script..."
|
||||||
bash init-server.sh
|
bash init-server.sh
|
||||||
|
|
||||||
# Install $SERVER_NAME from gitea origin:
|
echo "Install $SERVER_NAME from gitea origin..."
|
||||||
cd /data
|
cd /data
|
||||||
echo "Connect to git repository on host: $GIT_SSH_DOMAIN"
|
echo "Connect to git repository on host: $GIT_SSH_DOMAIN"
|
||||||
echo "On username: $GIT_USER"
|
echo "On username: $GIT_USER"
|
||||||
git clone git@"$GIT_SSH_DOMAIN":"$GIT_USER"/$SERVER_NAME.git
|
git clone git@"$GIT_SSH_DOMAIN":"$GIT_USER"/$SERVER_NAME.git
|
||||||
cd /data/$SERVER_NAME
|
cd /data/$SERVER_NAME
|
||||||
|
|
||||||
|
echo "Run $SERVER_NAME install.sh..."
|
||||||
bash /data/$SERVER_NAME/install.sh $SERVER_HOST
|
bash /data/$SERVER_NAME/install.sh $SERVER_HOST
|
||||||
|
|
||||||
trap - ERR
|
trap - ERR
|
||||||
|
|||||||
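Review bot: The `sshpass -p $SERVER_ORIGIN_PASSWORD ssh-copy-id … -o StrictHostKeyChecking=no` line, which appears identical on both sides of this section, puts the origin password on the command line where it is readable from the process list, and sends it to a host whose key is never verified. The expansion is also unquoted, so a password containing spaces or glob characters is split before sshpass sees it. Passing the secret through the environment and pinning the origin's host key in known_hosts beforehand avoids both: `SSHPASS="$SERVER_ORIGIN_PASSWORD" sshpass -e ssh-copy-id -i ~/.ssh/id_ed25519.pub "$REMOTE_USER@$SERVER_ORIGIN_DOMAIN"`. The same pattern is used for the `ssh-copy-id` call in remote.sh, right after known_hosts is reset for the target. The rendered page has lost its +/- markers, so the old/new side of each line is inferred from the print order.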
24
remote.sh
24
remote.sh
@ -10,7 +10,7 @@ if [ -z "$1" ]; then
|
|||||||
exit 1
|
exit 1
|
||||||
fi
|
fi
|
||||||
|
|
||||||
SSH_PORT=22
|
SSH_PORT=2525
|
||||||
REMOTE_USER="root"
|
REMOTE_USER="root"
|
||||||
SERVER_HOST=$1
|
SERVER_HOST=$1
|
||||||
SECRETS_DIR=/data/secrets
|
SECRETS_DIR=/data/secrets
|
||||||
@ -28,7 +28,7 @@ set -e
|
|||||||
|
|
||||||
export DEBIAN_FRONTEND=noninteractive
|
export DEBIAN_FRONTEND=noninteractive
|
||||||
|
|
||||||
# Get SAFE_PASSWORD for decrypt secrets archive on target host:
|
echo "Get SAFE_PASSWORD for decrypt secrets archive on target host..."
|
||||||
KEY_VAR=$(echo "$SERVER_HOST" | tr '.' '_')
|
KEY_VAR=$(echo "$SERVER_HOST" | tr '.' '_')
|
||||||
|
|
||||||
if grep -q "^$KEY_VAR=" "$KEYS_FILE"; then
|
if grep -q "^$KEY_VAR=" "$KEYS_FILE"; then
|
||||||
@ -37,29 +37,29 @@ else
|
|||||||
echo "SAFE_PASSWORD for $SERVER_HOST not found"
|
echo "SAFE_PASSWORD for $SERVER_HOST not found"
|
||||||
fi
|
fi
|
||||||
|
|
||||||
# Reset known_hosts:
|
echo "Reset known_hosts..."
|
||||||
ssh-keygen -f '/root/.ssh/known_hosts' -R $SERVER_HOST
|
ssh-keygen -f '/root/.ssh/known_hosts' -R $SERVER_HOST
|
||||||
|
|
||||||
# Install public SSH key from dev host to target host:
|
echo "Install public SSH key from dev host to target host..."
|
||||||
sshpass -p $SERVER_PASSWORD ssh-copy-id -i ~/.ssh/id_ed25519.pub -p $SSH_PORT -o StrictHostKeyChecking=no $REMOTE_USER@$SERVER_HOST
|
sshpass -p $SERVER_PASSWORD ssh-copy-id -i ~/.ssh/id_ed25519.pub -p $SSH_PORT -o StrictHostKeyChecking=no $REMOTE_USER@$SERVER_HOST
|
||||||
|
|
||||||
# Copy install script from dev host to target host in tmp dir:
|
echo "Copy install script from dev host to target host in tmp dir..."
|
||||||
scp -P $SSH_PORT install.sh $REMOTE_USER@$SERVER_HOST:/tmp/install.sh
|
scp -P $SSH_PORT install.sh $REMOTE_USER@$SERVER_HOST:/tmp/install.sh
|
||||||
|
|
||||||
# Copy secrets-decrypt script from dev host to target host in tmp dir:
|
echo "Copy secrets-decrypt script from dev host to target host in tmp dir..."
|
||||||
scp -P $SSH_PORT secrets-decrypt.sh $REMOTE_USER@$SERVER_HOST:/tmp/secrets-decrypt.sh
|
scp -P $SSH_PORT secrets-decrypt.sh $REMOTE_USER@$SERVER_HOST:/tmp/secrets-decrypt.sh
|
||||||
|
|
||||||
# Create secrets directory on target host:
|
echo "Create secrets directory on target host..."
|
||||||
ssh -p $SSH_PORT $REMOTE_USER@$SERVER_HOST "mkdir -p $SECRETS_SAFE"
|
ssh -p $SSH_PORT $REMOTE_USER@$SERVER_HOST "mkdir -p $SECRETS_SAFE"
|
||||||
|
|
||||||
# Copy secret archive from origin host to target host:
|
echo "Copy secret archive from origin host to target host..."
|
||||||
ssh $REMOTE_USER@$SERVER_ORIGIN_DOMAIN "cat $SECRETS_PATH" | ssh $REMOTE_USER@$SERVER_HOST -p $SSH_PORT "cat > $SECRETS_PATH"
|
ssh $REMOTE_USER@$SERVER_ORIGIN_DOMAIN "cat $SECRETS_PATH" | ssh $REMOTE_USER@$SERVER_HOST -p $SSH_PORT "cat > $SECRETS_PATH"
|
||||||
|
|
||||||
# Run secrets-decrypt script for decrypt secrets archive on target host:
|
echo "Run secrets-decrypt script for decrypt secrets archive on target host..."
|
||||||
ssh $REMOTE_USER@$SERVER_HOST "bash /tmp/secrets-decrypt.sh $SAFE_PASSWORD $SECRETS_PATH $SECRETS_DIR/$SERVER_HOST"
|
ssh -p $SSH_PORT $REMOTE_USER@$SERVER_HOST "bash /tmp/secrets-decrypt.sh $SAFE_PASSWORD $SECRETS_PATH $SECRETS_DIR/$SERVER_HOST"
|
||||||
|
|
||||||
# Run install script on target host:
|
echo "Run install script on target host..."
|
||||||
ssh $REMOTE_USER@$SERVER_HOST "bash /tmp/install.sh $SERVER_HOST"
|
ssh -p $SSH_PORT $REMOTE_USER@$SERVER_HOST "bash /tmp/install.sh $SERVER_HOST"
|
||||||
|
|
||||||
trap - ERR
|
trap - ERR
|
||||||
echo "Remote install complete"
|
echo "Remote install complete"
|
||||||
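Review bot: The `ssh -p $SSH_PORT … "bash /tmp/secrets-decrypt.sh $SAFE_PASSWORD $SECRETS_PATH $SECRETS_DIR/$SERVER_HOST"` line expands the archive password locally into the remote command string, so it appears in the target host's process list and is re-parsed by the remote shell, where spaces or metacharacters in the password would change the command. Adding `-p $SSH_PORT` to this line keeps that behaviour. Sending the password on stdin avoids both problems, e.g. `printf '%s\n' "$SAFE_PASSWORD" | ssh -p "$SSH_PORT" "$REMOTE_USER@$SERVER_HOST" "bash /tmp/secrets-decrypt.sh - '$SECRETS_PATH' '$SECRETS_DIR/$SERVER_HOST'"`; this assumes secrets-decrypt.sh is changed to read the password from stdin, which is not visible here. Separately, `/tmp/install.sh` and `/tmp/secrets-decrypt.sh` are fixed names in a world-writable directory and are then run as root; a directory created with `mktemp -d` on the target would be a safer destination.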