summaryrefslogtreecommitdiff
path: root/x/setup/stage2
blob: c27dc9c3cb753679d63fa3d44116feca346293d1 (plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
#!/bin/sh -eu
# This script runs under the server, Alpine Linux in this instance
# This script runs as a regular user, with docker access

root="$(CDPATH= cd -- "$(dirname -- "$0")" && pwd -P)/../../"

echo "!!! HOST INTERACTION NEEDED"
echo "!!! Start x/registry, x/expose it, and x/uploadall images into it"
echo "!!! WRITE 'ok' WHEN DONE"

while true; do
    read -p "are ye done yet: " ok
    case $ok in
        ok ) break ;;
        * ) echo "say 'ok' when done" ;;
    esac
done

echo "# Downloading images"
"$root/x/downloadall"

echo "# Create Docker networks"
docker network create web || true
docker network create ci || true

echo "# Create the necessary folder structure"
mkdir -p \
    "$root/data/bin" \
    "$root/data/gemini/certs" \
    "$root/data/gemini/pages" \
    "$root/data/git/home/.gitolite/local/hooks/repo-specific" \
    "$root/data/git/home/.gitolite/logs" \
    "$root/data/git/home/repositories" \
    "$root/data/laminar" \
    "$root/data/pages" \
    "$root/data/znc" \
    "$root/logs/nginx" \
    "$root/logs/php"

# Creating these manually as fail2ban uses a wildcard and we want it to pick
# all of them up
touch \
    "$root/logs/nginx/access.log" \
    "$root/logs/nginx/crap_access.log" \
    "$root/logs/nginx/crawler_access.log" \
    "$root/logs/nginx/skid_access.log" \
    "$root/logs/nginx/error.log"

echo "# gitolite: Fix permissions"
echo "# Errors are FINE (after initial setup, that is)"
chmod g+rwx -R "$root/data/git/home" || true

if [ ! -e "$root/data/git/home/stage2-skip-me" ]; then
    username="$(id -un)"
    echo "# gitolite: Configure with user $username"

    cp "$HOME/.ssh/authorized_keys" "$root/data/git/home/$username.pub"
    chmod a+r "$root/data/git/home/$username.pub"

    cd "$root/conf/git"

    # .override.yml automatically gets pulled in by docker-compose
    ln -s docker-compose.prod.yml docker-compose.override.yml || true

    docker-compose run \
        --rm \
        --entrypoint gitolite \
        -u "git:user" \
        -e "USER=git" \
        gitolite setup -m "Initial Setup" -pk "/srv/$username.pub"

    rm "$root/data/git/home/$username.pub"
    touch "$root/data/git/home/stage2-skip-me"
fi

if [ ! -e "$root/conf/nginx/docker-compose.override.yml" ]; then
    echo "# nginx: Configuring production overrides"

    cd "$root/conf/nginx"
    ln -s docker-compose.prod.yml docker-compose.override.yml || true
fi