408b8f91 · 1dde5000 · 1dde5000 · 1dde5000 · 1dde5000 · 1dde5000
--- a/migrations/update-oo.sh
+++ b/migrations/update-oo.sh
+#!/bin/bash -eux
+
+# Verify they are all in sync with git, if not, print the domain name.
+for oo  in `ls -d ./oo-*`;do
+  cd $oo
+  if ! git diff --exit-code --quiet; then
+    echo $oo
+  fi
+  cd ..
+done
+
+# Update all oo
+for oo  in `ls -d ./oo-*`;do
+  cd $oo
+  libre update
+  cd ..
+done
--- a/scripts/create_vultr.sh
+++ b/scripts/create_vultr.sh
-#!/bin/bash
-
-function valid_ip()
-{
-  local  ip=$1
-  local  stat=1
-  if [[ $ip =~ ^[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}$ ]]; then
-    OIFS=$IFS
-    IFS='.'
-    ip=($ip)
-    IFS=$OIFS
-    [[ ${ip[0]} -le 255 && ${ip[1]} -le 255 \
-      && ${ip[2]} -le 255 && ${ip[3]} -le 255 ]]
-    stat=$?
-  fi
-  return $stat
-}
-
-LABEL=$1
-echo Label: $LABEL
-echo API key: $VULTR_API_KEY
-
-VPSPLANID=${2:-29}
-
-SSHKEYID=`curl -s https://api.vultr.com/v1/sshkey/list\?api_key\=$VULTR_API_KEY | cut -d\" -f2`
-echo Got your ssh key ID $SSHKEYID:
-
-SUBID=`curl -s -d "DCID=9&VPSPLANID=$VPSPLANID&OSID=179&label=$LABEL&SSHKEYID=$SSHKEYID" https://api.vultr.com/v1/server/create\?api_key\=$VULTR_API_KEY | cut -d\" -f4`
-echo Got your SUB ID $SUBID:
-
-while :
-do
-  IP=`curl -s https://api.vultr.com/v1/server/list_ipv4\?api_key\=$VULTR_API_KEY\&SUBID\=$SUBID | cut -d\" -f6`
-  if valid_ip $IP; then
-    break
-  else
-    echo "waiting to get an IP..."
-    sleep 5
-  fi
-done
-
-echo Writing $LABEL to /etc/hosts file, needs your root password:
-sudo -- sh -c "echo $IP $LABEL \#$SUBID >> /etc/hosts"
-
-while :
-do
-  ssh -o "StrictHostKeyChecking no" -o "BatchMode yes" root@$LABEL exit
-  if [ $? == 0 ];
-  then
-    break
-  else
-    echo "waiting to be able to ssh..."
-    sleep 5
-  fi
-done
-
--- a/scripts/destroy_vultr.sh
+++ b/scripts/destroy_vultr.sh
-#!/bin/bash -eux
-
-LABEL=$1
-SUBID=`cat /etc/hosts | grep $LABEL | cut -d# -f2`
-
-echo Writing $LABEL to /etc/hosts file, needs your root password:
-sudo sed -i "/$LABEL/ d" /etc/hosts
-
-curl -d SUBID=$SUBID https://api.vultr.com/v1/server/destroy\?api_key\=$VULTR_API_KEY
-
--- a/scripts/install.sh
+++ b/scripts/install.sh
-#!/bin/bash -eux
-
-/usr/bin/coreos-cloudinit --from-file=/var/lib/coreos-user_data
-
-docker pull indiepaas/rsyslog
-docker pull indiepaas/haproxy
-docker pull indiepaas/confd
-docker pull indiepaas/postfix
-docker pull indiepaas/dovecot
-docker pull indiepaas/nginx
-docker pull indiepaas/mysql
-docker pull indiepaas/wordpress
-docker pull indiepaas/known
-docker pull indiepaas/piwik
-docker pull indiepaas/owncloud
-docker pull indiepaas/duplicity
-docker pull ibuildthecloud/systemd-docker
-
-# Create Directory structure
-mkdir -p /data/domains
-mkdir -p /data/runtime/haproxy/approved-certs
-git clone https://github.com/indiepaas/IndiePaaS.git /data/indiehosters
-
-# Install unit-files
-cp /data/indiehosters/unit-files/* /etc/systemd/system && systemctl daemon-reload
-
-# Configure and start HAproxy
-cp /data/indiehosters/tests/unsecure-certs/indiehosters.dev.pem /data/runtime/haproxy/approved-certs/default.pem
-
-systemctl enable rsyslog
-systemctl start  rsyslog
-systemctl enable confd
-systemctl start  confd
-systemctl enable haproxy.path
-systemctl start  haproxy.path
-
-source /etc/environment
-# Put the backup server in known_hosts files using RSA algo
-# https://github.com/paramiko/paramiko/issues/243
-ssh -o "StrictHostKeyChecking no" -o "BatchMode yes" -o "HostKeyAlgorithms=ssh-rsa" $BACKUP_DESTINATION exit
-
-# Import backup encryption key
-gpg --import /root/key.pub
-TRUSTVAR=`gpg --fingerprint root | grep Key|cut -d= -f2|sed 's/ //g'`
-TRUST_VALUE=':6:'
-echo $TRUSTVAR$TRUST_VALUE | gpg --import-ownertrust
-
-docker run --rm -v /opt/bin:/target jpetazzo/nsenter
-curl -L https://github.com/docker/compose/releases/download/1.2.0/docker-compose-`uname -s`-`uname -m` > /opt/bin/docker-compose
-chmod +x /opt/bin/docker-compose
-update_engine_client -update
-
--- a/scripts/start.sh
+++ b/scripts/start.sh
-#!/bin/bash -eux
-
-ROOT_DIR=$( cd "$( dirname "${BASH_SOURCE[0]}" )" && pwd )/..
-
-# check if there are already running servers
-if [ "$(cat /etc/hosts | grep -q '.test' ; echo $?)" -eq 0 ]; then
-  echo "It looks like some servers are still running."
-  echo "please run ./script.stop.sh first if you want to create new servers."
-  exit 1
-fi
-
-# Create backup for tests
-
-$ROOT_DIR/scripts/create_vultr.sh backup.test
-
-scp $ROOT_DIR/configs/backup.config root@backup.test:/var/lib/coreos-user_data
-ssh root@backup.test /usr/bin/coreos-cloudinit --from-file=/var/lib/coreos-user_data
-BACKUP_IP=`cat /etc/hosts | grep backup.test | cut -d" " -f1`
-
-# Create server for tests
-
-$ROOT_DIR/scripts/create_vultr.sh server.test 30
-cat $ROOT_DIR/configs/server.config | sed s/##BACKUP_IP##/$BACKUP_IP/g > /tmp/server.config
-scp /tmp/server.config root@server.test:/var/lib/coreos-user_data
-scp $ROOT_DIR/scripts/install.sh root@server.test:/tmp/install.sh
-ssh root@server.test /tmp/install.sh
-IP=`cat /etc/hosts | grep server.test | cut -d" " -f1`
-
-# Adds ip to /etc/hosts file
-
-echo "We'll now modify your /etc/hosts to add the test application name"
-applications=( `cat $ROOT_DIR/SUPPORTED_APPLICATIONS` )
-for application in "${applications[@]}"
-do
-  echo Writing $application.test to /etc/hosts file, needs your root password:
-  sudo -- sh -c "echo $IP $application.test  >> /etc/hosts"
-done
-
-# cleaning
-rm /tmp/server.config
-
--- a/scripts/stop.sh
+++ b/scripts/stop.sh
-#!/bin/bash -eux
-
-ROOT_DIR=$( cd "$( dirname "${BASH_SOURCE[0]}" )" && pwd )/..
-
-$ROOT_DIR/scripts/destroy_vultr.sh backup.test
-ssh-keygen -f ~/.ssh/known_hosts -R backup.test
-$ROOT_DIR/scripts/destroy_vultr.sh server.test
-ssh-keygen -f ~/.ssh/known_hosts -R server.test
-
-applications=( `cat $ROOT_DIR/SUPPORTED_APPLICATIONS` )
-
-for application in "${applications[@]}"
-do
-  sudo sed -i "/$application.test/ d" /etc/hosts
-done
-
--- a/tests/clean.sh
+++ b/tests/clean.sh
-#!/bin/bash -eux
-source /etc/environment
-image=$1
-
-systemctl stop web@$image.test
-
-sleep 20
-
-systemctl list-units | grep -c "$image\.test" | grep 0
-
-rm -rf /data/runtime/domains/$image.test
-rm -rf /data/domains/$image.test
-
-ssh $BACKUP_DESTINATION "rm -rf $image.test"
-
--- a/tests/email.sh
+++ b/tests/email.sh
-#!/bin/bash -eux
-
-mkdir -p /data/domains/mail/dovecot
-mkdir -p /data/domains/mail/TLS/
-mkdir -p /data/domains/mail/static/www-content
-mkdir -p /data/runtime/domains/mail/mysql/db_files
-mkdir -p /data/domains/mail/mysql
-mkdir /data/domains/mail/nginx
-touch /data/domains/mail/nginx/.env
-
-pass=`echo $RANDOM  ${date} | md5sum | base64 | cut -c-10`
-echo MYSQL_PASS=$pass > /data/domains/mail/mysql/.env
-cat /data/domains/mail/mysql/.env | sed s/MYSQL_PASS/DB_PASS/ > /data/domains/mail/.env;
-echo HOSTNAME=pierre-o.fr >> /data/domains/mail/.env
-echo APPLICATION=nginx >> /data/domains/mail/.env
-echo DOCKER_ARGUMENTS="-v /data/domains/mail/static/www-content:/app" >> /data/domains/mail.env
-
-openssl genrsa -out /data/domains/mail/TLS/ssl_private_key.pem 2048
-openssl req -new -key /data/domains/mail/TLS/ssl_private_key.pem -out /data/domains/mail/TLS/ssl_cert_sign_req.csr \
-  -sha256 -subj "/C=PT/ST=/L=/O=/CN=dovecot.test"
-openssl x509 -req -days 365 \
-  -in /data/domains/mail/TLS/ssl_cert_sign_req.csr -signkey /data/domains/mail/TLS/ssl_private_key.pem -out /data/domains/mail/TLS/ssl_certificate.pem
-openssl dhparam -out /data/domains/mail/TLS/dh2048.pem 2048
-
-cat /data/domains/mail/TLS/ssl_certificate.pem /data/domains/mail/TLS/ssl_private_key.pem > /data/domains/mail/TLS/mail.pem
-
-systemctl enable dovecot
-systemctl enable postfix
-systemctl start dovecot
-systemctl start postfix
-
--- a/tests/finish.sh
+++ b/tests/finish.sh
-#!/bin/bash -eux
-
-ROOT_DIR=$( cd "$( dirname "${BASH_SOURCE[0]}" )" && pwd )/..
-
-systemctl list-units | grep -c failed | grep 0
-
-applications=( `cat $ROOT_DIR/SUPPORTED_APPLICATIONS` )
-
-for application in "${applications[@]}"
-do
-  curl -Lk $application.test
-  /data/indiehosters/tests/clean.sh $application
-done
-
--- a/tests/force-clean.sh
+++ b/tests/force-clean.sh
-#!/bin/bash -eux
-source /etc/environment
-
-image=$1
-systemctl stop web@$image.test
-if [ "$image" == "static" ]; then
-  systemctl disable $image@$image.test
-else
-  systemctl disable lamp@$image.test
-fi
-
-systemctl stop *@$image.test.timer
-systemctl stop *@$image.test
-systemctl reset-failed
-rm -rf /data/runtime/domains/$image.test
-rm -rf /data/domains/$image.test
-ssh $BACKUP_DESTINATION "rm -rf $image.test"
-systemctl list-units | grep "$image\.test"
-
--- a/tests/start.sh
+++ b/tests/start.sh
-#!/bin/bash -eux
-
-ROOT_DIR=$( cd "$( dirname "${BASH_SOURCE[0]}" )" && pwd )/..
-
-applications=( `cat $ROOT_DIR/SUPPORTED_APPLICATIONS` )
-
-for application in "${applications[@]}"
-do
-  /data/indiehosters/tests/test.sh $application
-done
--- a/tests/test.sh
+++ b/tests/test.sh
-#!/bin/bash -eux
-
-image=$1
-
-# prepare data
-/data/indiehosters/utils/provision.sh -s -e test@test.org -a $image -u $image.test -f /data/indiehosters/tests/unsecure-certs/indiehosters.dev.pem
-
-if [ "$image" == "static" ]; then
-  sleep 30
-else
-  sleep 70
-fi
-
-systemctl list-units | grep "$image\.test" | grep -c failed | grep 0
-curl -Lk $image.test
-
--- a/tests/unsecure-certs/indiehosters.dev.pem
+++ b/tests/unsecure-certs/indiehosters.dev.pem
-----BEGIN CERTIFICATE-----
-MIIFljCCA34CCQDXgLjASWHpmDANBgkqhkiG9w0BAQUFADCBjDELMAkGA1UEBhMC
-UFQxETAPBgNVBAgTCFBvcnR1Z2FsMQ8wDQYDVQQHEwZMaXNib24xFTATBgNVBAoT
-DEluZGllSG9zdGVyczEZMBcGA1UEAxMQaW5kaWVob3N0ZXJzLmRldjEnMCUGCSqG
-SIb3DQEJARYYY29udGFjdEBpbmRpZWhvc3RlcnMubmV0MB4XDTE0MTAxMDE0MzY1
-NVoXDTE1MTAxMDE0MzY1NVowgYwxCzAJBgNVBAYTAlBUMREwDwYDVQQIEwhQb3J0
-dWdhbDEPMA0GA1UEBxMGTGlzYm9uMRUwEwYDVQQKEwxJbmRpZUhvc3RlcnMxGTAX
-BgNVBAMTEGluZGllaG9zdGVycy5kZXYxJzAlBgkqhkiG9w0BCQEWGGNvbnRhY3RA
-aW5kaWVob3N0ZXJzLm5ldDCCAiIwDQYJKoZIhvcNAQEBBQADggIPADCCAgoCggIB
-AKBOylYEoL1P3q7skTJsRA8yQj6fVHWHS3kPg6tcVavZawc6tRxIiDc41/EWjL7i
-Owb6io2UbKaD/g8695CFER9FvcW1iukrC/tUV5/AVd0SDcvS3RnGUndKh82HCNrM
-rUDU/XH8smEpfjuXrq0YPuiGbY1zSLQKirjYTiasJODfGkxSbobNfjdL7aEo+3HX
-BQq5mGIj9A4PYmeyFGkHCN8tRvf4lY1KfPJoWtDL4kmO4SFNZ4FAehH9AJ6vTN8y
-MFcHtFzpp2636TYTBQsLu48nrKs6MqOOyU0R/Ufw9QjiWDLo3Co6pcCTmVf16skO
-odg9BNdEhMXefpiEE1NOL6ZOkSUG5WSY0Q5Il649QcJOYzw2A0Nk3IOxoIexXat4
-siCgSlNfgyRmBn5HNcZo5aEDf9+3gEqFzEFSyH3ClIApC7RePbpPvsCAgpagBOXC
-PgO2w2VW9HfNHkwpF3Yqn7cqw0FQKwKREufVdnSvs9fgFlMZnqA3sMym8o99Fcvq
-WBaTuh54ePfNGmawPt1N8vUZUYXXOasWKmnjfan3S1rsNAf5M2ntLqEJRDwihdSm
-ZSO+B51hDO5jzHoqxHwA71CwUAp4hRO83xR6ziB1KR2834I/7LBzbpZ0EWm9adez
-8V+dwgBhTt0LYEUGLJN22XRi9d4RPhnRJpSLPV/h0Fa/AgMBAAEwDQYJKoZIhvcN
-AQEFBQADggIBAFzYeGiomhKZW//aUM4V4RLMVIf0B4uixSMxZGQIUWVtYckmyG2N
-t8qNBHAQ3gl811NqnqestIQ4DpGkNQRCv/iDa5OwdLJHTOQUxajUE/1xmidHtpzR
-ReBZvW48k0dLEM2gmIrt7qQwqqecjlWjvSQlvJxYWrn6TBAkFL6Quu8gfoPK9/cE
-HG/aRQ0PCywGV20LSZ+J03LN7MlACClgVTB7dJuWIN0dNi7TsqpIupk11ZQ3ybBY
-WPQmLnIiCAijL69kBmBynLvJT5XDy2C4ChyzZ5Y73CXhgJwCqOZJwbO7Doig9PZQ
-yVLtui18W3uVQ7ZlIxCAQUeFzSkZf3/XNlr2FkP+efw4LLGH8kiKMsyKuoLuthO1
-1YrXvI0sjuDOxQwrlNQ2CLVANLBpUMH2U1aiYbA6iICSHr8ORAc84StgG9mFLeyN
-w32/04MGPvZfset8gRCOuvA2sLTjylqh0IpaPWlnT77neqOFtETtzJ+3UuOcdfnN
-t2bxqimHT8WhBB823WajWlLdXcc902e9LLhe9M1/bwOqFIIlKDqtCndjyXpe/qhA
-s0YB8TqJLxJQqvdnmYiBFfGrDTgNBpjt6AKJHRGd4xgsYsmQ3zLJ0Z8mNNQhlLf/
-osGXa2s/ZX7ernfvSDQIOB70gohCLFtBok0unyBJhtHxXmZ7UmpuIanx
-----END CERTIFICATE-----
-----BEGIN RSA PRIVATE KEY-----
-MIIJKAIBAAKCAgEAoE7KVgSgvU/eruyRMmxEDzJCPp9UdYdLeQ+Dq1xVq9lrBzq1
-HEiINzjX8RaMvuI7BvqKjZRspoP+Dzr3kIURH0W9xbWK6SsL+1RXn8BV3RINy9Ld
-GcZSd0qHzYcI2sytQNT9cfyyYSl+O5eurRg+6IZtjXNItAqKuNhOJqwk4N8aTFJu
-hs1+N0vtoSj7cdcFCrmYYiP0Dg9iZ7IUaQcI3y1G9/iVjUp88mha0MviSY7hIU1n
-gUB6Ef0Anq9M3zIwVwe0XOmnbrfpNhMFCwu7jyesqzoyo47JTRH9R/D1COJYMujc
-KjqlwJOZV/XqyQ6h2D0E10SExd5+mIQTU04vpk6RJQblZJjRDkiXrj1Bwk5jPDYD
-Q2Tcg7Ggh7Fdq3iyIKBKU1+DJGYGfkc1xmjloQN/37eASoXMQVLIfcKUgCkLtF49
-uk++wICClqAE5cI+A7bDZVb0d80eTCkXdiqftyrDQVArApES59V2dK+z1+AWUxme
-oDewzKbyj30Vy+pYFpO6Hnh4980aZrA+3U3y9RlRhdc5qxYqaeN9qfdLWuw0B/kz
-ae0uoQlEPCKF1KZlI74HnWEM7mPMeirEfADvULBQCniFE7zfFHrOIHUpHbzfgj/s
-sHNulnQRab1p17PxX53CAGFO3QtgRQYsk3bZdGL13hE+GdEmlIs9X+HQVr8CAwEA
-AQKCAgEAgDpF8sRE5ukqUHV+Nv0O+7DR+FFuN4x/PFjCk6GKDaodyGyXTgZenv1j
-Db9h2ZYQbSafCVy+A/v0jq42NG2cIo2gnLL4aEY8kU8HwAsTI4A7dNw4a1ONx0ng
-ku/+jzXFJ+S2ziS5cqrEBFryKBcKyugsXUbn0svT5sNuz9RGs3ECEialrkJVQVoE
-vDKR3p+Fsux+DZKAt3Zq2lNBrDkqSYpoCBXZWmlIxIXgjr9nRDt7rS3DK0ot2pGr
-m0LRlH8K17Kb/O4RNaj6bHyOPiWmY33yygwFUXr3XiSTmqYM+oxCzIYjBcxfpUjr
-EcbthOGlZ9h3NNHj+npcfRa4dpxF09c8gW2AVG+nXVhciZpcnLDZ5z/Nd/510axU
-0m0PlCPfh+3L5tiia9k7zlRxjyzER/GofNiJ6v8oo8YZFvhVdbBBQoGs8aadSLH9
-5Kf3fPwm8ZhmmOTVWbFJZul/3o0Ho3yFxMVMq86Qu8Pm+h6Q1Pn7yZsXMg/ECXP/
-/ErBaWA+zuBZkgCSbdZk58cxkN45PGWGkoHHACVUvCbG8IuYQ989JeCy5w01FgFV
-IXm4squNtWgyhLZgvkhl2Hnc4pR+iYJRgh+ouyv7nELQde7hpM6YJLLUpMfjo7r5
-lJyWasZtb9E4iEl4/JrdQYMJCDEyBfDN6sTKr1Ai2txjzQA4uOECggEBAM9LDpJ+
-RR+b1rdYgtS6VL5OR1bWUHSi1W9L8Xz20wSQGbRxfEJfWmSslOU0COXvA01eOxQ9
-OvHcWxISiHdiM3QxpYNtbsgATCQbsSgegMHpbaEgJPadEkUWxdWejbtpA1ypKmGg
-iFB5H5IIcz65wWNFC3g29wrXyBsRevi+K/PTbwOzOlad7AAcbuuHiv73wxi5xo1P
-i6IZfjgQMKzD9AJbACAAqyvg70XT+3vlIo5ABKOw1kLuejbNBaXd1af7OfVXReL7
-BGGJmG6IzI0qP9q7fX3Iq4Gx34Sf0TSomSyW4kxtsDMPXVURMU4ssxeshh0zYFsZ
-GQgsr36mOW5cvbkCggEBAMX5gJTrAW47GgObnQWtYIHRvYO0g7Ge1fN12VzHLiap
-3a3RfhEDTVKkiugO1GxRC1NY0tcDUwrUzS/00ovDZ/8dVqMHITFj6zfA8aX6vnzA
-TnoUWINawPxFBB6FrEuXyGIVbykinuvFyk+z/DzgKzL8X5MaLymYSV+eT+9jjLHO
-pJ37S86evkljq24Ow6KB1rKb8mMsk8GDZB4JalDdGWzlG1qJkHMg7ULkEHx2lDTW
-mcuHwRtMimFPCBGqH0i+p3O1IUkodJPNYbldrEfAkzRdD4lH9B+DNYBgxP4FWhY2
-d9DTHAGCa9ZV0HjnGgPOILRmV69+9yQhNhu5010qNDcCggEABq1VP9S/Z0A+z1MT
-i8SgvCyLUbm/h7JDC723fp34uBnoKg7JwN2PbNS+Sw+9BaMISTKy1nkOcAH4EQH1
-0Vqha6m5uh0JR3ny+erGbxNkdFqPhHQjnKn8j6snHjVoPVQpno94ZQKlwWnVYX/S
-LoAPQaJUtz+V/4xpzq1md6Kwib8SwVzBkU6u7mX8EKwiBwp2B1LcmWqphcQqc6XZ
-24bIUlcaDu3Wlag+LNKiNCByV4CqZZdpn2hNGXzLJMebfTizajqwbppFTtr+xPi1
-Fgr5WZNWfHm9RIU1PPFk7LxNisklau7RkSN6jyXpn6oC7s1I2KHyBZ0uWDwQPxUd
-nndwSQKCAQA/gmrdWwZ6djtCLQmSaKws+TvypFYbBPldwNCaEsubW6Lhv/LRQl3r
-xR1KlHdQyC757eS1VTuundW1LLTeYTFbhe3lHsRnM8ahfCQJOwcgvhBu2VgLy3Fd
-fEZ2BCvhlC+UR4wBhjm1KR5dsz+Xx9IT6SI/7oZysYfYRNEf2q+n2sK0a4lGH2ar
-5G16QQJBf6WAZsa7SfGcgqn7eMnCZytg456CzN6qEEYMz1z6kI+6450yzboFJ+i8
-jr3n7Mtcas0NMW4cKf477AcNkB9UZVLT2YbCY3LNKSpgpKqNUuozdgW51/+D/HLb
-r2vRXVHbJqUXOj2m7vQZgw34lwRXPtLBAoIBAChJgVltpcWKUWqltYXCQsdPPbb4
-DQMb4bb2vV2iON2kl+UlcCdhr0f5yWoAyKjs49lcHBN2Ny4zVR0vIu/IDeX47Fx7
-n0OfcFgcnqiqiFhXkWGcfU2JHq/q5tmk5M04aCgkFM8IyEsG6ZLoi849Km9r8quu
-VfclpJ6SsMGnWo/A2eIVP9GsfqRys9ZWKJ9inZRP5Lmx6pCZa12Mn6ey0h/kxOqh
-ruJQDdV0O4PsvZhTQFhahSVyNmSKnLguq3zsyBwKRsNI9TVXMv/hs0nnwfFgtBK1
-K61c7AL4+9dtAWEnuwqy/1srZEeBr/jgTqyFyr+GQFYUMuE/uXNKCDWlIRI=
-----END RSA PRIVATE KEY-----
--- a/unit-files/backup-u@.service
+++ b/unit-files/backup-u@.service
-[Unit]
-Description=Back up data from %i
-
-[Service]
-Type=oneshot
-TimeoutStartSec=0
-WorkingDirectory=/data/domains/%i/
-EnvironmentFile=/etc/environment
-ExecStartPre=/bin/bash -euxc ' \
-  /bin/docker run \
-    --rm \
-    --name clean-%i \
-    -e PASSPHRASE \
-    -v /root:/root \
-    indiepaas/duplicity \
-      remove-older-than 10D --force \
-      sftp://${BACKUP_DESTINATION}/%i'
-ExecStartPre=/bin/bash -euxc '/data/domains/%i/BACKUP'
-ExecStart=/bin/bash -euxc ' \
-  /bin/docker run \
-    --rm \
-    --name backup-%i \
-    -e PASSPHRASE \
-    -h backup.container \
-    --cpu-shares=40 \
-    -e PASSPHRASE \
-    -v /root:/root \
-    -v /data/domains/%i:/backup indiepaas/duplicity \
-      --full-if-older-than 1W \
-      --encrypt-key ${ENCRYPT_KEY} \
-        /backup \
-        sftp://${BACKUP_DESTINATION}/%i'
-
--- a/unit-files/backup-u@.timer
+++ b/unit-files/backup-u@.timer
-[Unit]
-Description=Hourly backup of www and mysql content.
-
-# Dependency binding
-BindsTo=universal@%i.service
-
-[Timer]
-OnActiveSec=20
-OnUnitActiveSec=60min
-AccuracySec=50min
-
--- a/unit-files/backup@.service
+++ b/unit-files/backup@.service
-[Unit]
-Description=Back up data from %i
-
-[Service]
-Type=oneshot
-TimeoutStartSec=0
-EnvironmentFile=/etc/environment
-ExecStartPre=/usr/bin/docker run --rm -v /opt/bin:/opt/bin ibuildthecloud/systemd-docker
-ExecStartPre=-/usr/bin/docker kill mysqldump-%i
-ExecStartPre=-/usr/bin/docker rm mysqldump-%i
-ExecStartPre=-/usr/bin/docker rm clean-%i
-ExecStartPre=-/usr/bin/docker rm backup-%i
-ExecStartPre=/bin/bash -euxc ' \
-  /bin/docker run \
-    --rm \
-    --name clean-%i \
-    -e PASSPHRASE \
-    -v /root:/root \
-    indiepaas/duplicity \
-      remove-older-than 10D --force \
-      sftp://${BACKUP_DESTINATION}/%i'
-ExecStartPre=/bin/bash -euxc '\
-  if [ -d /data/domains/%i/mysql ]; then \
-    echo "Backing up mysql databases for %i"; \
-    mysql_passwd=`cat /data/domains/%i/mysql/.env | cut -d= -f2`; \
-    /usr/bin/docker run \
-      --rm \
-      --name mysqldump-%i \
-      --link mysql-%i:db \
-      --env-file /data/domains/%i/mysql/.env \
-      indiepaas/mysql \
-        mysqldump \
-          --all-databases \
-          --events \
-          -uadmin \
-          -p$mysql_passwd \
-          -h db > /data/domains/%i/mysql/dump.sql; \
-  fi'
-ExecStart=/bin/bash -euxc ' \
-  /bin/docker run \
-    --rm \
-    --name backup-%i \
-    --cpu-shares=40 \
-    -e PASSPHRASE \
-    -h backup.container \
-    -v /root:/root \
-    -v /data/domains/%i:/backup indiepaas/duplicity \
-      --full-if-older-than 1W \
-      --encrypt-key ${ENCRYPT_KEY} \
-        /backup \
-        sftp://${BACKUP_DESTINATION}/%i' 
-
--- a/unit-files/backup@.timer
+++ b/unit-files/backup@.timer
-[Unit]
-Description=Hourly backup of www and mysql content.
-
-# Dependency binding
-BindsTo=web@%i.service
-
-[Timer]
-OnActiveSec=20
-OnUnitActiveSec=60min
-AccuracySec=50min
-
--- a/unit-files/confd.service
+++ b/unit-files/confd.service
-[Unit]
-Description=%p
-
-# Requirements
-Requires=docker.service
-Requires=etcd.service
-
-# Dependency ordering
-After=docker.service
-After=etcd.service
-Before=haproxy.service
-
-[Service]
-Restart=always
-RestartSec=20
-TimeoutStartSec=0
-ExecStartPre=-/usr/bin/docker kill %p
-ExecStartPre=-/usr/bin/docker rm %p
-ExecStart=/usr/bin/docker run \
-  --rm \
-  --name %p \
-  -v /data/runtime/haproxy/:/etc/haproxy/ \
-  -v /var/run/docker.sock:/var/run/docker.sock \
-  indiepaas/confd
-ExecReload=/usr/bin/docker restart %p
-ExecStop=/usr/bin/docker stop %p
-
-[Install]
-WantedBy=multi-user.target
-
--- a/unit-files/discovery-u@.service
+++ b/unit-files/discovery-u@.service
-[Unit]
-Description=%p for %i etcd registration
-
-# Requirements
-Requires=etcd.service
-
-# Dependency binding
-BindsTo=universal@%i.service
-
-[Service]
-Type=oneshot
-RemainAfterExit=yes
-Environment=URL=%i
-ExecStart=/bin/bash -xc ' \
-  ip=""; \
-  while [ -z $ip ]; \
-  do \
-    container_name=`echo ${URL}_web_1 | sed "s/\.//g" | sed "s/-//g"`; \
-    ip=`docker inspect --format \'{{.NetworkSettings.IPAddress}}\' $container_name`; \
-    sleep 1; \
-  done; \
-  etcdctl --peers 172.17.42.1:4001 set /services/web/%i \'{"ip":"\'$ip\'", "port":"80"}\';'
-ExecStop=-/usr/bin/etcdctl rm /services/web/%i
-
--- a/unit-files/discovery@.service
+++ b/unit-files/discovery@.service
-[Unit]
-Description=%p for %i etcd registration
-
-# Requirements
-Requires=etcd.service
-
-# Dependency binding
-BindsTo=web@%i.service
-
-[Service]
-Type=oneshot
-RemainAfterExit=yes
-ExecStart=/bin/bash -euxc ' \
-  ip=`docker inspect --format \'{{.NetworkSettings.IPAddress}}\' %i`; \
-  etcdctl --peers 172.17.42.1:4001 set /services/web/%i \'{"ip":"\'$ip\'", "port":"80"}\';'
-ExecStop=-/usr/bin/etcdctl rm /services/web/%i
-