diff --git a/.gitignore b/.gitignore
deleted file mode 100644
index 1377554..0000000
--- a/.gitignore
+++ /dev/null
@@ -1 +0,0 @@
-*.swp
diff --git a/CHANGELOG.md b/CHANGELOG.md
deleted file mode 100644
index 548f582..0000000
--- a/CHANGELOG.md
+++ /dev/null
@@ -1,61 +0,0 @@
-# 0.3.0
-
-* adds automation script for user provisionning
-* moves backup to duplicity
-* big simplification
-* some fixes
-
-# 0.2.4
-
-* improve tests
-* wordpess version 4.1
-* Internal modifications
- * rename project
- * rename images
- * integrate dockerfiles to the project
- * add hotfixes
-
-# 0.2.3
-
-* fixes backup
-* better tests
-* import dump.sql when relevant
-
-# 0.2.2
-
-* add Known as an application
-
-# 0.2.1
-
-* draft instructions for how to add an application (whether server-wide or per-user)
-* several bugfixes
-
-# 0.2.0
-
-* a separation between /data/domains and /data/runtime, making site immigration much easier
-* the wordpress image and the mysql image it depends on
-* the backup service which commits all user content, including a mysql dump, to a private git repo, and pushes that out to a remote destination every hour
-* the nginx image from 0.1.0 split into static and static-git
-
-
-# 0.1.0
-
-* Static webhosting
- * based on haproxy with nginx backends
- * all running as Docker containers
- * SNI-capable (multiple https domains on one single IPv4 address)
- * pulls in content from any git repo, then updates every 10 minutes
- * can be run redundantly in round-robin DNS setup
-
-* email forwarder
- * based on postfix
- * stateless apart from simple configuration files
- * can be run redundantly on multiple MX handlers
-
-* automated administration
- * Docker containers are orchestrated with etcd and systemd
- * script to deploy it on a remote coreos server
- * script for adding a site from a git repo
- * script for adding an empty placeholder site
- * docs describing how to use these scripts
- * Vagrantfile for using it inside vagrant
diff --git a/INSTALL.md b/INSTALL.md
deleted file mode 100644
index 8c4cd05..0000000
--- a/INSTALL.md
+++ /dev/null
@@ -1,36 +0,0 @@
-# Instructions to install libre.sh
-
-## Recommendation
-- you'd need API key on Namecheap (if you want to automatically buy and configure domain name)
-
-## Installation
-
-These instructions depend a bit on your cloud provider.
-
-### [Digital Ocean](https://m.do.co/c/1b468ce0671f)
-
- 1. Install [doctl](https://github.com/digitalocean/doctl/)
- 2. Issue the following command:
-
-```
-doctl compute droplet create libre.sh --user-data-file ./user_data --wait --ssh-keys $KEY_ID --size 1gb --region lon1 --image coreos-stable
-```
-
-### Provider with user_data support
-
-If you use a cloud provider that support `user_data`, like [Scaleway](http://scaleway.com/), just use [this user_data](https://raw.githubusercontent.com/indiehosters/libre.sh/master/user_data).
-
-### Hetzner
-
-You can also buy a baremetal at [Hetzner](https://serverboerse.de/index.php?country=EN) as they are the cheapest options around. Follow these [instructions](INSTALL_HETZNER.md) in this case.
-
-### Provider without user_data support
-
-Use boot a live cd, and issue that command:
-
-```
-wget https://raw.github.com/coreos/init/master/bin/coreos-install
-bash coreos-install -d /dev/sda -c user_data
-```
-
-And voila, your first libre.sh node is ready!
diff --git a/INSTALL_HETZNER.md b/INSTALL_HETZNER.md
deleted file mode 100644
index 844dbf9..0000000
--- a/INSTALL_HETZNER.md
+++ /dev/null
@@ -1,75 +0,0 @@
-# Instructions to install libre.sh
-
-## Recommendation
-- ssd on /dev/sda
-- hdd on /dev/sdb
-- hdd on /dev/sdc
-- API key on Namecheap (if you want to automatically buy domain name)
-
-# Installation
-
-First, you need a server.
-We recommend [Hetzner](https://serverboerse.de/index.php?country=EN) as they are the cheapest options around.
-You can filter servers with ssd.
-
-These instructions can also work on any VM/VPS/Hardware.
-
-## Install the system
-
-```
-IP=
-
-ssh -o "StrictHostKeyChecking no" root@$IP
-
-hostname=
-ssh_public_key=""
-
-fdisk -l #find your ssd
-
-# Setup raid
-cat > /etc/mdadm.conf << EOF
-MAILADDR dev@null.org
-EOF
-mdadm --create --verbose /dev/md0 --level=mirror --raid-devices=2 /dev/sdb /dev/sdc
-mkfs.ext4 /dev/md0
-
-cat > cloud-config.tmp << EOF
-#cloud-config
-
-hostname: "$hostname"
-ssh_authorized_keys:
- - $ssh_public_key
-EOF
-
-apt-get install gawk
-wget https://raw.github.com/coreos/init/master/bin/coreos-install
-bash coreos-install -d /dev/sda -c cloud-config.tmp
-
-reboot
-```
-
-```
-ssh core@$IP
-
-#configure mdmonitor.
-
-sudo su -
-
-mdadm --examine --scan > /etc/mdadm.conf
-vim /etc/mdadm.conf
-#ADD your mail
-MAILADDR xxx@xxx.org
-
-# Start service
-systemctl start mdmonitor.service
-
-cat > /etc/systemd/system/data.mont << EOF
-[Mount]
-What=/dev/md0
-Where=/data
-Type=ext4
-EOF
-
-wget https://raw.githubusercontent.com/indiehosters/libre.sh/master/user_data -O /var/lib/coreos-install/user_data
-
-coreos-cloudinit /var/lib/coreos-install/user_data
diff --git a/README.md b/README.md
index 418be92..a58055e 100644
--- a/README.md
+++ b/README.md
@@ -1,102 +1 @@
-# libre.sh
-
-## Introduction
-
-A PaaS that is aimed at hosting free software \o/
-
-To install it, follow instructions in `INSTALL.md`.
-
-### What is libre.sh
-
-libre.sh is a little framework to host Docker. It is simple and modular and respect the convention over configuration paradigm.
-
-This is aimed at Hosters to manage a huge amount of different web application, and a quantity of domain names related with emails and so on.
-
-It is currently installed at 3 different hosters in production and hosting ~20 different web applications, with ~500 containers.
-
-Once well installed, in one bash command, you'll be able to:
- - buy a domain name
- - configure DNS for it
- - configure email for it
- - configure dkim for that domain
- - configure dmarc for that domain
- - configure autoconfig for that domain
- - install and start a web application on that domain (WordPress, Nextcloud, piwik...)
- - provision a TLS cert on that domain
-
-Amazing, right?
-
-### Modular
-
-The PaaS is really modular, that's why it contains the strict necessary, then you'll probably want to add `system` modules or `applications`.
-
-It contains 2 [unit-files](https://github.com/indiehosters/LibrePaaS/tree/master/unit-files) to manage system modules and applications, start them at boot, and load the appropriate environment.
-
-### Support
-
-You can use the following channels to request community support:
- - [mailinglist/forum](https://forum.indie.host/t/about-the-libre-sh-category/71)
- - [chat](https://chat.indie.host/channel/libre.sh)
-
-For paid support, just send an inquiry to support@libre.sh.
-
-All of this is hosted by libre.sh :)
-
-## System modules
-
-Here is a list of modules supported:
- - https proxy:
- - [HAProxy](https://github.com/indiehosters/haproxy)
- - [Nginx](https://github.com/indiehosters/nginx)
- - [logs](https://github.com/indiehosters/logs)
- - [monitoring](https://github.com/indiehosters/monitoring)
- - [git-puller](https://github.com/indiehosters/git-puller)
- - [backups](https://github.com/indiehosters/backups)
- - [sshd](https://github.com/indiehosters/sshd)
-
-Go to their respective page for more details.
-
-### To install and start a module:
-
-```
-cd /system/
-git clone module
-cd module
-libre enable
-libre start
-```
-
-## Applications
-
-### Installation
-
-To install application `wordpress` on `example.org`, first make point example.org to your server IP, and then, just run:
-
-```
-libre provision -a github.com/indiehosters/wordpress -u example.org -s
-```
-
-Run `libre provision` for more details on the capabilities of the script.
-
-## To debug a module or an application:
-
-```
-libre ps
-libre logs -f --tail=100
-libre stop
-libre restart
-```
-
-## Contributing
-
-If you have any issue (something not working, missing doc), please do report an issue here! Thanks
-
-This system is used in production at [IndieHosters](https://indiehosters.net/) so it is maintained. If you use it, please tell us, and we'll be really happy to update this README!
-
-You can help us by:
- - starring this project
- - sending us a thanks email
- - reporting bugs
- - writing documentation/blog on how you got up and running in 5mins
- - writing more documentation
- - sending us cake :) We loove cake!
+Moved to https://lab.libreho.st/libre.sh/compose.libre.sh
diff --git a/unit-files/s@.service b/unit-files/s@.service
deleted file mode 100644
index fd4cfdd..0000000
--- a/unit-files/s@.service
+++ /dev/null
@@ -1,23 +0,0 @@
-[Unit]
-Description=%p-%i
-
-# Requirements
-Requires=docker.service
-
-# Dependency ordering
-After=docker.service
-
-[Service]
-Restart=always
-RestartSec=10
-TimeoutStartSec=60
-TimeoutStopSec=15
-EnvironmentFile=-/system/%i/env
-Environment=HOSTNAME=%H
-WorkingDirectory=/system/%i/
-ExecStartPre=-/opt/bin/docker-compose rm -f
-ExecStart=/bin/bash -euxc "/opt/bin/docker-compose up"
-ExecStop=/opt/bin/docker-compose stop
-
-[Install]
-WantedBy=multi-user.target
diff --git a/unit-files/u@.service b/unit-files/u@.service
deleted file mode 100644
index 5100754..0000000
--- a/unit-files/u@.service
+++ /dev/null
@@ -1,23 +0,0 @@
-[Unit]
-Description=%p-%i
-
-# Requirements
-Requires=docker.service
-
-# Dependency ordering
-After=docker.service
-
-[Service]
-Restart=always
-RestartSec=10
-TimeoutStartSec=60
-TimeoutStopSec=15
-EnvironmentFile=-/data/domains/%i/env
-Environment=HOSTNAME=%H
-WorkingDirectory=/data/domains/%i/
-ExecStartPre=-/opt/bin/docker-compose rm -f
-ExecStart=/bin/bash -euxc "VIRTUAL_HOST=%i /opt/bin/docker-compose up"
-ExecStop=/opt/bin/docker-compose stop
-
-[Install]
-WantedBy=multi-user.target
diff --git a/unit-files/web-net.service b/unit-files/web-net.service
deleted file mode 100644
index f45effd..0000000
--- a/unit-files/web-net.service
+++ /dev/null
@@ -1,11 +0,0 @@
-[Unit]
-Description=Create lb_web network
-Requires=docker.service
-After=docker.service
-[Service]
-Type=oneshot
-RemainAfterExit=true
-ExecStart=/usr/bin/docker network create lb_web
-ExecStop=/usr/bin/docker network rm lb_web
-[Install]
-WantedBy=local.target
diff --git a/user_data b/user_data
deleted file mode 100644
index efe9dea..0000000
--- a/user_data
+++ /dev/null
@@ -1,90 +0,0 @@
-#cloud-config
-
-write_files:
- - path: /etc/sysctl.d/libresh.conf
- permissions: 0644
- owner: root
- content: |
- fs.aio-max-nr=1048576
- vm.max_map_count=262144
- - path: /etc/hosts
- permissions: 0644
- owner: root
- content: |
- 127.0.0.1 localhost
- 255.255.255.255 broadcasthost
- ::1 localhost
- - path: /etc/environment
- permission: 0644
- owner: root
- content: |
- NAMECHEAP_URL="namecheap.com"
- NAMECHEAP_API_USER="pierreo"
- NAMECHEAP_API_KEY=
- IP=`curl -s http://icanhazip.com/`
- FirstName="Pierre"
- LastName="Ozoux"
- Address=""
- PostalCode=""
- Country="Portugal"
- Phone="+351.967184553"
- EmailAddress="pierre@ozoux.net"
- City="Lisbon"
- CountryCode="PT"
- BACKUP_DESTINATION=root@xxxxx:port
- MAIL_USER=
- MAIL_PASS=
- MAIL_HOST=mail.indie.host
- MAIL_PORT=587
-coreos:
- update:
- reboot-strategy: off
- units:
- - name: systemd-sysctl.service
- command: restart
- - name: swap.service
- enable: true
- command: start
- content: |
- [Unit]
- Description=Turn on swap
- [Service]
- Type=oneshot
- RemainAfterExit=true
- ExecStartPre=-/bin/bash -euxc ' \
- fallocate -l 8192m /swap &&\
- chmod 600 /swap &&\
- mkswap /swap'
- ExecStart=/sbin/swapon /swap
- ExecStop=/sbin/swapoff /swap
- [Install]
- WantedBy=local.target
- - name: install-compose.service
- command: start
- content: |
- [Unit]
- Description=Install Docker Compose
- [Service]
- Type=oneshot
- RemainAfterExit=true
- ExecStart=-/bin/bash -euxc ' \
- mkdir -p /opt/bin &&\
- url=$(curl -s https://api.github.com/repos/docker/compose/releases/latest | jq -r \'.assets[].browser_download_url | select(contains("Linux") and contains("x86_64"))\') &&\
- curl -L $url > /opt/bin/docker-compose &&\
- chmod +x /opt/bin/docker-compose'
- - name: install-libresh.service
- command: start
- content: |
- [Unit]
- Description=Install libre.sh
- [Service]
- Type=oneshot
- RemainAfterExit=true
- ExecStart=-/bin/bash -euxc ' \
- git clone https://github.com/indiehosters/libre.sh.git /libre.sh &&\
- mkdir /{data,system} &&\
- mkdir /data/trash &&\
- cp /libre.sh/unit-files/* /etc/systemd/system && systemctl daemon-reload &&\
- systemctl enable web-net.service &&\
- systemctl start web-net.service &&\
- cp /libre.sh/utils/* /opt/bin/'
diff --git a/utils/add_cloud_user b/utils/add_cloud_user
deleted file mode 100755
index 01ca7c5..0000000
--- a/utils/add_cloud_user
+++ /dev/null
@@ -1,11 +0,0 @@
-#!/bin/bash -eux
-
-source /etc/environment
-
-user=$1
-email=$2
-quota=$3
-
-curl -X POST --user ${cloud_admin}:${cloud_pass} https://${cloud_hostname}/ocs/v1.php/cloud/users -d userid="$1" -d password="`tr -dc A-Za-z0-9_ < /dev/urandom | head -c 10 | xargs`"
-curl -X PUT --user ${cloud_admin}:${cloud_pass} https://${cloud_hostname}/ocs/v1.php/cloud/users/${user} -d key="email" -d value="${email}"
-curl -X PUT --user ${cloud_admin}:${cloud_pass} https://${cloud_hostname}/ocs/v1.php/cloud/users/${user} -d key="quota" -d value="${quota}"
diff --git a/utils/add_mailbox b/utils/add_mailbox
deleted file mode 100755
index 649a425..0000000
--- a/utils/add_mailbox
+++ /dev/null
@@ -1,18 +0,0 @@
-#!/bin/bash
-set -e
-set -u
-set -x
-
-source /etc/environment
-
-email=$1
-email_password=$2
-
-local_part=`echo $email | cut -d@ -f1`
-email_domain=`echo $email | cut -d@ -f2`
-
-curl --data "username=${mail_username}&password=${mail_password}&login=Log+In&rememberme=0" -c /tmp/cookie.txt https://${mail_hostname}/auth/login
-domain_id=`curl -b /tmp/cookie.txt https://${mail_hostname}/domain | grep $email_domain | grep purge-domain | grep -o 'purge-domain-[0-9]*' | grep -o '[0-9]*'`
-curl --data "local_part=${local_part}&domain=${domain_id}&password=${email_password}" -b /tmp/cookie.txt https://${mail_hostname}/mailbox/add
-
-rm /tmp/cookie.txt
diff --git a/utils/add_to_group b/utils/add_to_group
deleted file mode 100755
index b87f4ef..0000000
--- a/utils/add_to_group
+++ /dev/null
@@ -1,8 +0,0 @@
-#!/bin/bash -eux
-
-source /etc/environment
-
-user=$1
-group=$2
-
-curl -X POST --user ${cloud_admin}:${cloud_pass} https://${cloud_hostname}/ocs/v1.php/cloud/users/${1}/groups -d groupid="${2}"
diff --git a/utils/add_user b/utils/add_user
deleted file mode 100755
index 161588c..0000000
--- a/utils/add_user
+++ /dev/null
@@ -1,27 +0,0 @@
-#!/bin/bash -eux
-
-source /etc/environment
-
-email=$1
-cc_welcome_email=$2
-quota=$3
-
-password=`tr -dc A-Za-z0-9_ < /dev/urandom | head -c 10 | xargs`
-local_part=`echo $email | cut -d@ -f1`
-email_domain=`echo $email | cut -d@ -f2`
-
-curl --data "username=${mail_username}&password=${mail_password}&login=Log+In&rememberme=0" -c /tmp/cookie.txt https://${mail_hostname}/auth/login
-
-if ! curl -b /tmp/cookie.txt https://${mail_hostname}/domain | grep $email_domain | grep purge-domain | grep -o 'purge-domain-[0-9]*' | grep -o '[0-9]*' ; then
- curl --data "backupmx=0&active=1&max_aliases=0&max_mailboxes=0&max_quota=0"a=0&transport=virtual&domain=${email_domain}" -b /tmp/cookie.txt https://${mail_hostname}/domain/add
-fi
-
-domain_id=`curl -b /tmp/cookie.txt https://${mail_hostname}/domain | grep $email_domain | grep purge-domain | grep -o 'purge-domain-[0-9]*' | grep -o '[0-9]*'`
-curl --data "local_part=${local_part}&domain=${domain_id}&password=${password}&welcome_email=1&cc_welcome_email=${cc_welcome_email}" -b /tmp/cookie.txt https://${mail_hostname}/mailbox/add
-
-rm /tmp/cookie.txt
-
-curl -X PUT --user ${cloud_admin}:${cloud_pass} https://${cloud_hostname}/ocs/v1.php/cloud/users/${email} -d key="quota" -d value="${quota}"
-
-#docker exec -it --user www-data `echo ${cloud_hostname}_app_1 |sed 's/-//g' | sed 's/\.//g'` bash -c "\
- # php occ mail:account:create ${email} ${email} ${email} ${mail_hostname} 993 ssl ${email} ${password} ${mail_hostname} 587 tls ${email} ${password}"
diff --git a/utils/configure_dkim_dns b/utils/configure_dkim_dns
deleted file mode 100755
index d6fc48b..0000000
--- a/utils/configure_dkim_dns
+++ /dev/null
@@ -1,43 +0,0 @@
-#!/bin/bash -eux
-
-source /etc/environment
-
-function provision_dkim () {
- docker exec mailindiehost_postfix_1 /add_domain.sh ${arg_u}
-}
-
-
-function configure_dns () {
- domain_key=`cat /data/domains/mail.indie.host/opendkim/keys/${arg_u}/mail.txt | cut -d\" -f2 | sed 'N;s/\n//g' | sed 's/ //g' | sed 's/+/%2B/g' | sed 's/\//%2F/g'`
- info "Configuring DNS."
- arguments="&Command=namecheap.domains.dns.setHosts\
-&DomainName=${arg_u}\
-&SLD=$(SLD)\
-&TLD=$(TLD)\
-&HostName1=@\
-&RecordType1=A\
-&Address1=${IP}\
-&HostName2=www\
-&RecordType2=CNAME\
-&Address2=${arg_u}\
-&HostName3=@\
-&RecordType3=MX\
-&Address3=${mail_hostname}\
-&MXPref3=10\
-&HostName4=@\
-&RecordType4=TXT\
-&Address4=v=spf1%20include:${mail_hostname}\
-&Hostname5=_dmarc\
-&RecordType5=TXT\
-&Address5=v=DMARC1;%20p=none;%20rua=mailto:support@indie.host\
-&HostName6=mail._domainkey\
-&RecordType6=TXT\
-&Address6=${domain_key}\
-&HostName7=autoconfig\
-&RecordType7=CNAME\
-&Address7=autoconfig.`echo $mail_hostname | cut -d. -f2,3`\
-&EmailType=mx"
- call_API ${arguments}
-
-}
-
diff --git a/utils/helpers b/utils/helpers
deleted file mode 100755
index f9e9805..0000000
--- a/utils/helpers
+++ /dev/null
@@ -1,67 +0,0 @@
-function contains () {
- local n=$#
- local value=${!n}
- for ((i=1;i < $#;i++)) {
- if [ "${!i}" == "${value}" ]; then
- echo "y"
- return 0
- fi
- }
- echo "n"
- return 1
-}
-
-function TLD () {
- echo ${arg_u} | cut -d. -f2,3
-}
-
-function SLD () {
- echo ${arg_u} | cut -d. -f1
-}
-
-function call_API () {
- url="https://api.$NAMECHEAP_URL/xml.response\?ApiUser=${NAMECHEAP_API_USER}&ApiKey=${NAMECHEAP_API_KEY}&UserName=${NAMECHEAP_API_USER}&ClientIp=${IP}$1"
- output=$(curl -s ${url})
-
- if [ $(echo ${output} | grep -c 'Status="OK"') -eq 0 ]; then
- error "API call failed. Please read the output"
- echo ${output}
- exit 1
- else
- info "API call is a success."
- fi
-}
-
-function _fmt () {
- local color_ok="\x1b[32m"
- local color_bad="\x1b[31m"
-
- local color="${color_bad}"
- if [ "${1}" = "debug" ] || [ "${1}" = "info" ] || [ "${1}" = "notice" ]; then
- color="${color_ok}"
- fi
-
- local color_reset="\x1b[0m"
- if [[ "${TERM}" != "xterm"* ]] || [ -t 1 ]; then
- # Don't use colors on pipes or non-recognized terminals
- color=""; color_reset=""
- fi
- echo -e "$(date -u +"%Y-%m-%d %H:%M:%S UTC") ${color}$(printf "[%9s]" ${1})${color_reset}";
-}
-function emergency () { echo "$(_fmt emergency) ${@}" 1>&2 || true; exit 1; }
-function alert () { [ "${LOG_LEVEL}" -ge 1 ] && echo "$(_fmt alert) ${@}" 1>&2 || true; }
-function critical () { [ "${LOG_LEVEL}" -ge 2 ] && echo "$(_fmt critical) ${@}" 1>&2 || true; }
-function error () { [ "${LOG_LEVEL}" -ge 3 ] && echo "$(_fmt error) ${@}" 1>&2 || true; }
-function warning () { [ "${LOG_LEVEL}" -ge 4 ] && echo "$(_fmt warning) ${@}" 1>&2 || true; }
-function notice () { [ "${LOG_LEVEL}" -ge 5 ] && echo "$(_fmt notice) ${@}" 1>&2 || true; }
-function info () { [ "${LOG_LEVEL}" -ge 6 ] && echo "$(_fmt info) ${@}" 1>&2 || true; }
-function debug () { [ "${LOG_LEVEL}" -ge 7 ] && echo "$(_fmt debug) ${@}" 1>&2 || true; }
-
-function help () {
- echo "" 1>&2
- echo " ${@}" 1>&2
- echo "" 1>&2
- echo " ${usage}" 1>&2
- echo "" 1>&2
- exit 1
-}
diff --git a/utils/libre b/utils/libre
deleted file mode 100755
index 597440b..0000000
--- a/utils/libre
+++ /dev/null
@@ -1,67 +0,0 @@
-#!/bin/bash -eu
-
-
-function error_path {
- >&2 echo "Error: you must be in either /data/domains/*/ or /system/*/ to execute these commands"
- exit 1
-}
-
-function systemctl_param {
- first_level_path=`pwd | cut -d'/' -f2`
- second_level_path=`pwd | cut -d'/' -f3`
-
- if [ "$first_level_path" == "system" ]; then
- module=`pwd | cut -d'/' -f3`
- if [ -n "$module" ]; then
- echo s@$module
- else
- error_path
- fi
- elif [ "$first_level_path" == "data" ] && [ "$second_level_path" == "domains" ]; then
- domain=`pwd | cut -d'/' -f4`
- if [ -n "$domain" ]; then
- echo u@$domain
- else
- error_path
- fi
- else
- error_path
- fi
-}
-
-
-case "$1" in
- start|status|enable|disable|restart|stop)
- if [ -n "$(systemctl_param)" ]; then
- echo "systemctl $1 $(systemctl_param)"
- systemctl $1 $(systemctl_param)
- fi;;
- journal)
- if [ -n "$(systemctl_param)" ]; then
- journalctl -fu $(systemctl_param)
- fi;;
- ps|exec|logs)
- if [ -f ./env ]; then
- env $(cat ./env | xargs) docker-compose $1 ${@:2}
- else
- docker-compose $1 ${@:2}
- fi;;
- update)
- if [ "$(pwd)" == "/libre.sh" ]; then
- git pull
- cp /libre.sh/unit-files/* /etc/systemd/system && systemctl daemon-reload
- cp /libre.sh/utils/* /opt/bin/
- elif [ -n "$(systemctl_param)" ]; then
- git pull
- docker-compose pull
- docker-compose build
- /opt/bin/libre restart
- fi;;
- provision)
- provision ${@:2};;
- *)
- echo "Usage:"
- echo " - start|status|enable|disable|restart|stop: command sent to systemctl."
- echo " - ps|exec|logs: command sent to docker compose."
- echo " - update: to update the current folder."
-esac
diff --git a/utils/migrate b/utils/migrate
deleted file mode 100755
index a2db01d..0000000
--- a/utils/migrate
+++ /dev/null
@@ -1,17 +0,0 @@
-#!/bin/bash -eux
-#!/bin/bash -eux
-
-hash=$1
-domain=$2
-
-cd /data/domains/
-wget https://wader.indie.host/migrate/$hash
-unzip $hash
-rm $hash
-
-cd $domain
-
-cp TLS/$domain.pem /system/haproxy/haproxy/certs
-
-systemctl start u@$domain
-systemctl enable u@$domain
diff --git a/utils/provision b/utils/provision
deleted file mode 100755
index 2fbeeb6..0000000
--- a/utils/provision
+++ /dev/null
@@ -1,227 +0,0 @@
-#!/usr/bin/env bash
-# Provision an application for a user for LibrePaaS
-#
-# This file:
-# - Registers the domain name to NameCheap
-# - Configures the DNS
-#
-# Version 0.0.3
-#
-# Authors:
-# - Pierre Ozoux (pierre-o.fr)
-#
-# Usage:
-# LOG_LEVEL=7 ./provision -a github.com/indiehosters/known -u example.org -g -b -c
-#
-# Licensed under AGPLv3
-
-
-### Configuration
-#####################################################################
-
-# Environment variables and their defaults
-LOG_LEVEL="${LOG_LEVEL:-6}" # 7 = debug -> 0 = emergency
-
-# Commandline options. This defines the usage page, and is used to parse cli
-# opts & defaults from. The parsing is unforgiving so be precise in your syntax
-read -r -d '' usage <<-'EOF'
- -u [arg] URL to process. Required.
- -a [arg] Application to install. (in the form github.com/indiehosters/wordpress)
- -s Start the application right away.
- -b Buys the associated domain name.
- -i Configure OpenDKIM.
- -c Configures DNS on Namecheap.
- -d Enables debug mode
- -h This page
-EOF
-
-### Functions
-#####################################################################
-
-source /etc/environment
-source /opt/bin/helpers
-source /opt/bin/configure_dkim_dns
-
-function buy_domain_name () {
-
- not_supported_extensions=( "us" "eu" "nu" "asia" "ca" "co.uk" "me.uk" "org.uk" "com.au" "net.au" "org.au" "es" "nom.es" "com.es" "org.es" "de" "fr" )
- if [ $(contains "${not_supported_extensions[@]}" "$(TLD)") == "y" ]; then
- error "Extension .$(TLD) is not yet supported.."
- exit 1
- fi
-
- info "Buying Domain name."
- arguments="&Command=namecheap.domains.create\
-&DomainName=${arg_u}\
-&Years=1\
-&AuxBillingFirstName=${FirstName}\
-&AuxBillingLastName=${LastName}\
-&AuxBillingAddress1=${Address}\
-&AuxBillingCity=${City}\
-&AuxBillingPostalCode=${PostalCode}\
-&AuxBillingCountry=${Country}\
-&AuxBillingPhone=${Phone}\
-&AuxBillingEmailAddress=${EmailAddress}\
-&AuxBillingStateProvince=${City}\
-&TechFirstName=${FirstName}\
-&TechLastName=${LastName}\
-&TechAddress1=${Address}\
-&TechCity=${City}\
-&TechPostalCode=${PostalCode}\
-&TechCountry=${Country}\
-&TechPhone=${Phone}\
-&TechEmailAddress=${EmailAddress}\
-&TechStateProvince=${City}\
-&AdminFirstName=${FirstName}\
-&AdminLastName=${LastName}\
-&AdminAddress1=${Address}\
-&AdminCity=${City}\
-&AdminPostalCode=${PostalCode}\
-&AdminCountry=${Country}\
-&AdminPhone=${Phone}\
-&AdminEmailAddress=${EmailAddress}\
-&AdminStateProvince=${City}\
-&RegistrantFirstName=${FirstName}\
-&RegistrantLastName=${LastName}\
-&RegistrantAddress1=${Address}\
-&RegistrantCity=${City}\
-&RegistrantPostalCode=${PostalCode}\
-&RegistrantCountry=${Country}\
-&RegistrantPhone=${Phone}\
-&RegistrantEmailAddress=${EmailAddress}\
-&RegistrantStateProvince=${City}"
-
- call_API ${arguments}
-
- info "Changing email forwarding."
- arguments="&Command=namecheap.domains.dns.setEmailForwarding\
-&DomainName=${arg_u}\
-&mailbox1=hostmaster\
-&ForwardTo1=${EmailAddress}"
-
- call_API ${arguments}
-}
-
-function application () {
- git clone https://${arg_a}.git /data/domains/${arg_u}
- cd /data/domains/${arg_u}
- if [ -f ./scripts/install ]; then
- export URL=${arg_u}
- if [ -z ${MAIL_DOMAIN:-} ]; then
- warning "you have no email server setup, we'll print a random configuration in your application. Make sure to check the parameters for your app to send proper emails."
- warning "To stop having this warning, please configure your libre.sh to be abble to create email accounts."
- warning "You can also contact support@indie.host to setup an email account for you"
- export MAIL_PASS="randompass"
- export MAIL_USER="example@indie.host"
- export MAIL_DOMAIN="indie.host"
- export MAIL_HOST="mail.indie.host"
- export MAIL_PORT="587"
- else
- export MAIL_PASS=`tr -dc A-Za-z0-9_ < /dev/urandom | head -c 20 | xargs`
- export MAIL_USER="noreply.${arg_u}@${MAIL_DOMAIN}"
- /opt/bin/add_mailbox ${MAIL_USER} ${MAIL_PASS}
- fi
- ./scripts/install
- fi
-}
-
-function start () {
- systemctl start u@${arg_u}
- systemctl enable u@${arg_u}
-}
-
-### Parse commandline options
-#####################################################################
-
-# Translate usage string -> getopts arguments, and set $arg_ defaults
-while read line; do
- opt="$(echo "${line}" |awk '{print $1}' |sed -e 's#^-##')"
- if ! echo "${line}" |egrep '\[.*\]' >/dev/null 2>&1; then
- init="0" # it's a flag. init with 0
- else
- opt="${opt}:" # add : if opt has arg
- init="" # it has an arg. init with ""
- fi
- opts="${opts}${opt}"
-
- varname="arg_${opt:0:1}"
- if ! echo "${line}" |egrep '\. Default=' >/dev/null 2>&1; then
- eval "${varname}=\"${init}\""
- else
- match="$(echo "${line}" |sed 's#^.*Default=\(\)#\1#g')"
- eval "${varname}=\"${match}\""
- fi
-done <<< "${usage}"
-
-# Reset in case getopts has been used previously in the shell.
-OPTIND=1
-
-# Overwrite $arg_ defaults with the actual CLI options
-while getopts "${opts}" opt; do
- line="$(echo "${usage}" |grep "\-${opt}")"
-
-
- [ "${opt}" = "?" ] && help "Invalid use of script: ${@} "
- varname="arg_${opt:0:1}"
- default="${!varname}"
-
- value="${OPTARG}"
- if [ -z "${OPTARG}" ] && [ "${default}" = "0" ]; then
- value="1"
- fi
-
- eval "${varname}=\"${value}\""
- debug "cli arg ${varname} = ($default) -> ${!varname}"
-done
-
-shift $((OPTIND-1))
-
-[ "$1" = "--" ] && shift
-
-
-### Switches (like -d for debugmdoe, -h for showing helppage)
-#####################################################################
-
-# debug mode
-if [ "${arg_d}" = "1" ]; then
- set -o xtrace
- LOG_LEVEL="7"
-fi
-
-# help mode
-if [ "${arg_h}" = "1" ]; then
- # Help exists with code 1
- help "Help using ${0}"
-fi
-
-
-### Validation (decide what's required for running your script and error out)
-#####################################################################
-
-[ -z "${arg_u}" ] && help "URL is required."
-[ -z "${LOG_LEVEL}" ] && emergency "Cannot continue without LOG_LEVEL."
-
-
-### Runtime
-#####################################################################
-
-# Exit on error. Append ||true if you expect an error.
-# set -e is safer than #!/bin/bash -e because that is neutralised if
-# someone runs your script like `bash yourscript`
-set -o errexit
-set -o nounset
-
-# Bash will remember & return the highest exitcode in a chain of pipes.
-# This way you can catch the error in case mysqldump fails in `mysqldump |gzip`
-set -o pipefail
-
-FOLDER=/data/domains/${arg_u}
-TLS_FOLDER=${FOLDER}/TLS
-
-[ ${arg_b} -eq 1 ] && buy_domain_name
-[ ! -z "${arg_a}" ] && application
-[ ${arg_i} -eq 1 ] && provision_dkim
-[ ${arg_c} -eq 1 ] && configure_dns
-[ ${arg_s} -eq 1 ] && start
-
-exit 0
diff --git a/utils/stop_before_migration b/utils/stop_before_migration
deleted file mode 100755
index 3729207..0000000
--- a/utils/stop_before_migration
+++ /dev/null
@@ -1,11 +0,0 @@
-#!/bin/bash -eux
-
-domain=$1
-ip=$2
-cd /data/domains/$domain
-./scripts/backup
-
-systemctl stop u@$domain
-systemctl disable u@$domain
-
-tar cvzf /home/core/${domain}.tgz .