Mindboost
/
mindboost-infrastructure
7
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

move deploy scripts to start folder

rapp/pick-what-you-like
Robert Rapp 2025-02-24 14:08:48 +01:00
parent f14186deca
commit dff86e0486
8 changed files with 105 additions and 23 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

0
scripts/backup.sh → scripts/maintain/backup.sh
View File

81
scripts/maintain/generate_secrets.sh Executable file
View File

@ -0,0 +1,81 @@
#!/bin/bash
# 🚀 Script to Generate Secure Secrets for Deployment
# Define root directory relative to the script location
ROOT_DIR="$(cd "$(dirname "$0")/.." && pwd)"
SECRET_FILE="$ROOT_DIR/env/secrets.env"
GITIGNORE_FILE="$ROOT_DIR/.gitignore"
# ✅ Function to check if a command is installed
check_dependency() {
command -v "$1" >/dev/null 2>&1
}
# 🔍 Check for OpenSSL, and prompt user to install if missing
if ! check_dependency "openssl"; then
echo "⚠️ OpenSSL is not installed. It is required to generate secure secrets."
echo "Would you like to install OpenSSL now? (yes/no)"
read -r install_choice
if [[ "$install_choice" == "yes" ]]; then
if [[ "$OSTYPE" == "linux-gnu"* ]]; then
sudo apt update && sudo apt install -y openssl
elif [[ "$OSTYPE" == "darwin"* ]]; then
brew install openssl
else
echo "❌ Unsupported OS. Please install OpenSSL manually."
exit 1
fi
else
echo "❌ OpenSSL is required but was not installed. Exiting."
exit 1
fi
fi
# ✅ Securely generate random values
generate_secret() {
openssl rand -base64 32
}
# 🔄 Check if the secret file already exists
if [ -f "$SECRET_FILE" ]; then
echo "⚠️ $SECRET_FILE already exists. Overwrite? (yes/no)"
read -r response
if [[ "$response" != "yes" ]]; then
echo "❌ Secret file creation canceled."
exit 1
fi
fi
# ✏️ Write secrets to file
echo "🔐 Generating $SECRET_FILE ..."
mkdir -p "$(dirname "$SECRET_FILE")" # Ensure the env directory exists
> "$SECRET_FILE" # Clear file if it exists
# 🔑 Define and write secrets
echo "ADMIN_PASSWORD_HASH=$(openssl passwd -6 admin)" >> "$SECRET_FILE"
echo "JWT_SECRET=$(generate_secret)" >> "$SECRET_FILE"
echo "MARIADB_PASSWORD=$(generate_secret)" >> "$SECRET_FILE"
echo "MARIADB_ROOT_PASSWORD=$(generate_secret)" >> "$SECRET_FILE"
echo "REDIS_HOST_PASSWORD=$(generate_secret)" >> "$SECRET_FILE"
echo "TRAEFIK_BASIC_AUTH_USERS=admin:$(openssl passwd -6 traefikpass)" >> "$SECRET_FILE"
echo "GITEA_MYSQL_PASSWORD=$(generate_secret)" >> "$SECRET_FILE"
echo "NEXTCLOUD_ADMIN_PASSWORD=$(generate_secret)" >> "$SECRET_FILE"
echo "MAIL_PASSWORD=$(generate_secret)" >> "$SECRET_FILE"
# 🛑 Ensure secrets.env is ignored by Git **without overwriting last line**
if [ -f "$SECRET_FILE" ]; then
# Check if the last line is missing a newline and fix it
if [ -s "$GITIGNORE_FILE" ] && [ "$(tail -c1 "$GITIGNORE_FILE")" != "" ]; then
echo "" >> "$GITIGNORE_FILE"
fi
# Append 'env/secrets.env' only if it's not already in .gitignore
if ! grep -q "^env/secrets.env$" "$GITIGNORE_FILE"; then
echo "env/secrets.env" >> "$GITIGNORE_FILE"
echo "✅ Added 'env/secrets.env' to .gitignore"
fi
fi
echo "✅ Secrets have been generated and stored in $SECRET_FILE."
echo "⚠️ Keep this file secure and do NOT commit it to Git!"

16
scripts/deploy-administration.sh → scripts/start/deploy-administration.sh
View File

@ -1,7 +1,7 @@
#!/bin/bash
# Pfad zur .env.all Datei
ENV_FILE="../env/.env.all"
ENV_FILE="../../env/.env.all"
# Funktion zum Überprüfen der Existenz einer Datei
check_file_exists() {
@ -12,7 +12,7 @@ check_file_exists() {
}
# Überprüfe die Existenz von .env.all
check_file_exists "../env/.env.all"
check_file_exists "../../env/.env.all"
# Funktion zum Auslesen von Variablen aus der .env.all Datei
get_env_var() {
@ -25,8 +25,8 @@ ENVIRONMENT=$(get_env_var "ENVIRONMENT")
# Load environment variables from the .env files
set -o allexport
source ../env/.env.all
source ../env/${ENVIRONMENT}/.env.administration
source ../../env/.env.all
source ../../env/${ENVIRONMENT:-development}/.env.administration
set +o allexport
# Liste Stacks
@ -39,14 +39,14 @@ ENVIRONMENTS=("development" "staging" "production")
# Überprüfe die Existenz aller Stack-spezifischen .env Dateien
missing_files=0
for stack in "${STACKS[@]}"; do
env_file="../env/${ENVIRONMENT}/.env.${stack}"
env_file="../../env/${ENVIRONMENT:-development}/.env.${stack}"
if ! check_file_exists "$env_file"; then
missing_files=$((missing_files + 1))
fi
done
if [ $missing_files -eq 0 ]; then
echo "Alle erforderlichen .env Dateien für das ${ENVIRONMENT}-Environment sind vorhanden."
echo "Alle erforderlichen .env Dateien für das ${ENVIRONMENT:-development}-Environment sind vorhanden."
else
echo "Warnung: $missing_files .env Datei(en) fehlen. Einige Stacks könnten nicht korrekt funktionieren."
fi
@ -55,7 +55,7 @@ fi
for env in "${ENVIRONMENTS[@]}"; do
if [ "$env" != "$ENVIRONMENT" ]; then
for stack in "${STACKS[@]}"; do
env_file="../env/${env}/.env.${stack}"
env_file="../../env/${env}/.env.${stack}"
if ! check_file_exists "$env_file"; then
echo "Warnung: Die Datei $env_file fehlt für das Environment $env."
fi
@ -72,4 +72,4 @@ echo "ENVIRONMENT: ${ENVIRONMENT:-Not set}"
echo "-----------------------------------"
# Ausführen des Docker Compose Befehls
docker compose -f ../apps/docker-compose.all.yml --env-file ../env/.env.all --env-file ../env/${ENVIRONMENT}/.env.proxy --profile administration up --remove-orphans
docker compose -f ../apps/docker-compose.all.yml --env-file ../../env/.env.all --env-file ../../env/${ENVIRONMENT:-development}/.env.proxy --profile administration up --remove-orphans

11
scripts/deploy-all.sh → scripts/start/deploy-all.sh
View File

@ -1,7 +1,7 @@
#!/bin/bash
# Pfad zur .env.all Datei
ENV_FILE="../env/.env.all"
ENV_FILE="../../env/.env.all"
# Funktion zum Auslesen von Variablen aus der .env.all Datei
get_env_var() {
grep "^$1=" "$ENV_FILE" | cut -d '=' -f2
@ -25,7 +25,6 @@ check_file_exists() {
return 1
fi
}
#!/bin/bash
# Prüfe, ob das Skript nur in der Entwicklungsumgebung ausgeführt wird
if [ "$ENVIRONMENT" == "development" ]; then
@ -43,7 +42,7 @@ if [ "$ENVIRONMENT" == "development" ]; then
echo "🔹 ENVIRONMENT ist 'development' Hosts aus .env.proxy werden hinzugefügt und Container gestartet."
# Pfad zur Proxy-Env-Datei
ENV_PROXY_FILE="../env/development/.env.proxy"
ENV_PROXY_FILE="../../env/development/.env.proxy"
# Hosts-Datei Pfad (Linux/macOS)
HOSTS_FILE="/etc/hosts"
@ -72,12 +71,12 @@ else
fi
# Überprüfe die Existenz von .env.all
check_file_exists "../env/.env.all"
check_file_exists "../../env/.env.all"
# Überprüfe die Existenz aller Stack-spezifischen .env Dateien
missing_files=0
for stack in "${STACKS[@]}"; do
env_file="../env/${ENVIRONMENT}/.env.${stack}"
env_file="../../env/${ENVIRONMENT:-development}/.env.${stack}"
if ! check_file_exists "$env_file"; then
missing_files=$((missing_files + 1))
fi
@ -102,4 +101,4 @@ if [[ "$1" == "--build" ]]; then
fi
# Ausführen des Docker Compose Befehls
docker compose -f ../apps/docker-compose.all.yml -p ${INFRASTRUCTURE:-my} --env-file ../env/.env.all --env-file ../env/${ENVIRONMENT}/.env.proxy --profile backend up --remove-orphans $BUILD_OPTION
docker compose -f ../../apps/docker-compose.all.yml -p ${INFRASTRUCTURE:-my} --env-file ../../env/.env.all --env-file ../../env/${ENVIRONMENT:-development}/.env.proxy --profile backend up --remove-orphans $BUILD_OPTION

12
scripts/deploy-app.sh → scripts/start/deploy-app.sh
View File

@ -1,7 +1,7 @@
#!/bin/bash
# Pfad zur .env.all Datei
ENV_FILE="../env/.env.all"
ENV_FILE="../../env/.env.all"
# Funktion zum Auslesen von Variablen aus der .env.all Datei
get_env_var() {
grep "^$1=" "$ENV_FILE" | cut -d '=' -f2
@ -13,7 +13,7 @@ ENVIRONMENT=$(get_env_var "ENVIRONMENT")
SERVER_IP=$(curl -s https://api.ipify.org)
# Liste aller Stacks
STACKS=("administration" "frontend" "develop" "database" "proxy" "tools" "website" "backend")
STACKS=("frontend" "database" "backend")
# Liste aller Environments
ENVIRONMENTS=("development" "staging" "production")
@ -26,12 +26,12 @@ check_file_exists() {
fi
}
# Überprüfe die Existenz von .env.all
check_file_exists "../env/.env.all"
check_file_exists "../../env/.env.all"
# Überprüfe die Existenz aller Stack-spezifischen .env Dateien
missing_files=0
for stack in "${STACKS[@]}"; do
env_file="../env/${ENVIRONMENT}/.env.${stack}"
env_file="../../env/${ENVIRONMENT:-development}/.env.${stack}"
if ! check_file_exists "$env_file"; then
missing_files=$((missing_files + 1))
fi
@ -55,5 +55,7 @@ if [[ "$1" == "--build" ]]; then
BUILD_OPTION="--build"
fi
# Ausführen des Docker Compose Befehls
docker compose -f ../apps/docker-compose.all.yml -p ${INFRASTRUCTURE:-my} --env-file ../env/.env.all --env-file ../env/${ENVIRONMENT}/.env.proxy --profile app up --remove-orphans $BUILD_OPTION
docker compose -f ../../apps/docker-compose.all.yml --env-file ../../env/.env.all -p ${INFRASTRUCTURE:-my} --profile app up --remove-orphans $BUILD_OPTION

0
scripts/deploy-overwrite.sh → scripts/start/deploy-overwrite.sh
View File

8
scripts/deploy-proxy.sh → scripts/start/deploy-proxy.sh
View File

@ -1,7 +1,7 @@
#!/bin/bash
# Pfad zur .env.all Datei
ENV_FILE="../env/.env.all"
ENV_FILE="../../env/.env.all"
# Funktion zum Auslesen von Variablen aus der .env.all Datei
get_env_var() {
@ -27,12 +27,12 @@ check_file_exists() {
}
# Überprüfe die Existenz von .env.all
check_file_exists "../env/.env.all"
check_file_exists "../../env/.env.all"
# Überprüfe die Existenz aller Stack-spezifischen .env Dateien
missing_files=0
for stack in "${STACKS[@]}"; do
env_file="../env/${ENVIRONMENT}/.env.${stack}"
env_file="../../env/${ENVIRONMENT:-development}/.env.${stack}"
if ! check_file_exists "$env_file"; then
missing_files=$((missing_files + 1))
fi
@ -51,4 +51,4 @@ echo "ENVIRONMENT: ${ENVIRONMENT:-Not set}"
echo "-----------------------------------"
# Ausführen des Docker Compose Befehls
docker compose -f ../apps/docker-compose.all.yml --env-file ../env/.env.all --env-file ../env/${ENVIRONMENT}/.env.proxy --profile proxy up --remove-orphans
docker compose -f ../../apps/docker-compose.all.yml --env-file ../../env/.env.all --env-file ../../env/${ENVIRONMENT:-development}/.env.proxy --profile proxy up --remove-orphans

0
scripts/deploy-traefik.sh → scripts/start/deploy-traefik.sh
View File