hotfixes/2015-01-12-remove-staticgit.sh

-domains=( domain1 domain2 )
-
-# START
-for domain in "${domains[@]}"
-do
-  cp -R /data/runtime/domains/$domain/static-git /data/domains/$domain/static
-  systemctl stop static-git@$domain
-  systemctl start static@$domain
-  systemctl list-units | grep $domain | grep failed
-done
-# STOP
-
-# ROLLBACK START
-for domain in "${domains[@]}"
-do
-  systemctl stop static@$domain
-  systemctl start static-git@$domain
-done
-# ROLLBACK STOP
-
-# CLEAN START
-for domain in "${domains[@]}"
-do
-  systemctl disable static-git@$domain
-  systemctl enable static@$domain
-  rm -rf /data/domains/$domain/static-git
-done
-# CLEAN STOP

hotfixes/2015-01-16-moves-backup-to-duplicity.sh

-# START
-docker pull pierreozoux/duplicity
-
-gpg --gen-key
-gpg --list-keys
-
-echo ENCRYPT_KEY="" >> /etc/environment
-echo BACKUP_DESTINATION="backup@backup" >> /etc/environment
-
-cd /data/indiehosters
-git pull
-cp /data/indiehosters/unit-files/* /etc/systemd/system && sudo systemctl daemon-reload
-
-for domain in "${domains[@]}"
-do
-  systemctl start backup@$domain
-  systemctl status backup@$domain
-done
-
-# STOP
-
-# CLEAN START
-rm -rf /data/import
-rm /data/BACKUP_DESTINATION
-su backup
-cd
-mkdir old_backups
-mv ./* old_backups
-# CLEAN STOP

hotfixes/2015-01-16-ultimate-DRY.sh

-static_domains=( domain1 domain2 )
-wordpress_domains=( domain1 domain2 )
-
-# START
-cd /data/indiehosters
-git pull
-cp /data/indiehosters/unit-files/* /etc/systemd/system && sudo systemctl daemon-reload
-docker pull pierreozoux/wordpress
-
-for domain in "${static_domains[@]}"
-do
-  folder=/data/domains/${domain}
-  echo "EMAIL=test@test.org" > ${folder}/.env
-  echo "APPLICATION=nginx"  >> ${folder}/.env
-  echo DOCKER_ARGUMENTS="-v ${folder}/static/www-content:/app" >> ${folder}/.env
-  systemctl restart static@$domain
-  systemctl status static@$domain
-  systemctl status web@$domain
-done  
-
-for domain in "${wordpress_domains[@]}"
-do
-  folder=/data/domains/${domain}
-  echo "EMAIL=test@test.org" > ${folder}/.env
-  echo "APPLICATION=wordpress"  >> ${folder}/.env
-  echo DOCKER_ARGUMENTS="--link mysql-${domain}:db \
--v /data/domains/${domain}/wordpress/data:/app/wp-content \
--v /data/domains/${domain}/wordpress/.htaccess:/app/.htaccess \
---env-file /data/domains/${domain}/wordpress/.env" >> ${folder}/.env
-  systemctl restart lamp@$domain
-  systemctl status lamp@$domain
-  systemctl status web@$domain
-done  
-
-# STOP
-
-# ROLLBACK START
-cd /data/indiehosters
-git checkout 65d6486005e3d96e3ad9d5ab17f99d8910cc5e70 
-cp /data/indiehosters/unit-files/* /etc/systemd/system && sudo systemctl daemon-reload
-cd dockerfiles/services/wordpress/
-docker build -t pierreozoux/wordpress .
-
-for domain in "${wordpress_domains[@]}"
-do
-  systemctl restart lamp@$domain
-done
-for domain in "${static_domains[@]}"
-do
-  systemctl restart static@$domain
-done
-# ROLLBACK STOP
-
-# CLEAN START
-# CLEAN STOP

hotfixes/2015-02-20-release-0.4.sh

-START
-
-cd /data/indiehosters
-git pull
-
-docker pull pierreozoux/rsyslog
-docker pull pierreozoux/haproxy
-docker pull pierreozoux/confd
-docker pull pierreozoux/postfix
-docker pull pierreozoux/nginx
-docker pull pierreozoux/mysql
-docker pull pierreozoux/wordpress
-docker pull pierreozoux/known
-docker pull pierreozoux/piwik
-docker pull pierreozoux/owncloud
-
-systemctl enable rsyslog
-systemctl start  rsyslog
-systemctl enable postfix
-systemctl disable email-forwarder
-
-cp /data/indiehosters/unit-files/* /etc/systemd/system
-
-reboot
-
-STOP

hotfixes/2015-04-26-upgrade-wordpress.sh

-docker pull indiepaas/wordpress
-
-cd /data/domains
-for domain in `ls .`
-do
-  if cat $domain/.env|grep APPLICATION=wordpress
-  then
-    systemctl restart web@$domain
-    /opt/bin/docker-enter $domain wp --allow-root core update-db --path=/app
-  fi
-done

hotfixes/2015-11-22-upgrade-mysql.sh

-systemctl list-units | grep failed | grep b-u | xargs systemctl status | grep -a2 'SHOW VARIABLES' | grep .service | cut -d'@' -f2 | cut -d'.' -f1,2 | sed "s/\.//g" | sed "s/-//g" | sed "s/$/_db_1/" | xargs -I % docker exec % bash -c 'mysql_upgrade -uroot -p$MYSQL_ROOT_PASSWORD'

install.linux.sh

+#!/bin/bash
+
+#This script is tested on Debian 12
+
+#Current version of libre.sh to be installed 
+LIBRE_VERSION=1.2
+# System env vars  : can be overrided by a values.env file next to this install file
+
+
+### CONFIG : Specify you template repo ROOT without training slash (Optional) or comment if you want to supply full url for apps
+
+APP_REPO_URL="lab.libreho.st/libre.sh/compose"
+
+
+
+
+## domain handling 
+
+### CONFIG : change to your domain vendor ( namecheap, ovh , scaleway, )
+DOMAIN_SERVER=namecheap
+
+###  Namecheap specific
+NAMECHEAP_URL="namecheap.com"
+NAMECHEAP_API_USER="pierreo"
+NAMECHEAP_API_KEY=
+
+### ovh specific (WIP) 
+OVH_URL="eu.api.ovh.com"
+OVH_API_USER=""
+OVH_API_KEY=
+
+
+### Scaleway specific (WIP) 
+SCALEWAY_URL=""
+SCALEWAY_API_USER=""
+SCALEWAY_API_KEY=
+
+
+### TODO :  change your settings 
+IP="curl -s http://icanhazip.com/"
+FirstName="Pierre"
+LastName="Ozoux"
+Address=""
+PostalCode=""
+Country="Portugal"
+Phone="+351.967184553"
+EmailAddress="pierre@ozoux.net"
+City="Lisbon"
+CountryCode="PT"
+## Backup
+BACKUP_DESTINATION=root@xxxxx:port
+
+### CONFIG  : Change your mail settings.
+## SMTP
+MAIL_USER=
+MAIL_PASS=
+MAIL_HOST=mail.indie.host
+MAIL_PORT=587
+MAIL_SECURITY=
+
+# Default admin emails for apps
+
+ADMIN_EMAIL=support@ekimia.fr
+
+### TODO : source a setting file is present to override defaults
+
+echo "-------- Welcome to libre.sh $LIBRE_VERSION installer"
+
+echo "----  sourcing local values.env file if present"
+
+source values.env
+
+
+# STEP add kernel parameter
+
+# STEP Define environnement
+
+echo "-------- setting up system variables"
+
+echo "APP_REPO_URL=${APP_REPO_URL}" >> /etc/environment
+
+echo "LIBRE_VERSION=${LIBRE_VERSION}" >> /etc/environment
+
+echo "MAIL_USER=${MAIL_USER}" >> /etc/environment
+
+echo "MAIL_PASS=${MAIL_PASS}" >> /etc/environment
+
+echo "MAIL_HOST=${MAIL_HOST}" >> /etc/environment
+
+echo "MAIL_PORT=${MAIL_PORT}" >> /etc/environment
+
+echo "MAIL_SECURITY=${MAIL_SECURITY}" >> /etc/environment
+
+
+echo "ADMIN_EMAIL=${ADMIN_EMAIL}" >> /etc/environment
+
+
+# STEP Install Docker 
+
+name="docker.io"
+# TODO : Fix a version for docker  ?
+
+    dpkg -s $name &> /dev/null  
+
+    if [ $? -ne 0 ]
+
+        then
+            echo "$name not installed"  
+            apt-get update
+#            curl -fsSL https://get.docker.com -o get-docker.sh
+#            sh get-docker.sh
+            apt install -y $name
+            echo "-------- Native docker installed "
+
+        else
+            echo    "$name already installed"
+    fi
+
+# STEP "install docker-compose" 
+echo "-------- Install native docker-compose "
+
+# TODO : Fix a version for docker compose ? 
+
+#mkdir -p /opt/bin &&\
+#dockerComposeVersion=$(curl -s https://api.github.com/repos/docker/compose/releases/latest|grep tag_name|cut -d'"' -f4) &&\
+#curl -L https://github.com/docker/compose/releases/download/$dockerComposeVersion/docker-compose-`uname -s`-`uname -m` > /opt/bin/#docker-compose &&\
+#chmod +x /opt/bin/docker-compose
+
+apt install -y docker-compose
+
+
+# STEP "install git"
+
+echo "-------- Install git"
+
+distro=$( ( lsb_release -ds || cat /etc/*release || uname -om ) 2>/dev/null | head -n1 | cut -d " " -f1)
+if [[ "$distro" == "Ubuntu" || "$distro" == "Debian" ]]; then
+apt-get install -y git
+elif [[ "$distro" == "CentOS" || "$distro" == "AlmaLinux" || "$distro" == "Rocky" || "$distro" == "Fedora" ]]; then
+yum install -y git
+elif [[ "$distro" == "openSUSE" ]]; then
+zypper install git
+elif [[ "$distro" == "Arch" ]]; then
+pacman -S git
+elif [[ "$distro" == "Mageia" ]]; then
+urpmi git
+fi
+
+# STEP install Libre.sh
+
+echo " ---Removing previous install --- "
+rm -rf /libre.sh
+
+echo "-------- installing libre.sh" 
+
+git clone https://lab.libreho.st/libre.sh/compose.libre.sh.git /libre.sh 
+mkdir -p /{data,system}
+mkdir -p /data/trash
+mkdir -p /data/domains
+cp /libre.sh/unit-files/* /etc/systemd/system && systemctl daemon-reload 
+systemctl enable web-net.service 
+systemctl start web-net.service 
+mkdir -p /opt/bin 
+cp /libre.sh/utils/* /opt/bin/
+
+
+# STEP add /opt/bin path
+
+
+echo "-------- updating PATH" 
+cat > /etc/profile.d/libre.sh <<EOF
+export PATH=$PATH:/opt/bin
+EOF
+chmod 644 /etc/profile.d/libre.sh
+bash /etc/profile.d/libre.sh
+
+#TODO : reload profile to use libre right away 

migrations/update-oo.sh

+#!/bin/bash -eux
+
+# Verify they are all in sync with git, if not, print the domain name.
+for oo  in `ls -d ./oo-*`;do
+  cd $oo
+  if ! git diff --exit-code --quiet; then
+    echo $oo
+  fi
+  cd ..
+done
+
+# Update all oo
+for oo  in `ls -d ./oo-*`;do
+  cd $oo
+  libre update
+  cd ..
+done

scripts/create_vultr.sh

-#!/bin/bash
-
-function valid_ip()
-{
-  local  ip=$1
-  local  stat=1
-  if [[ $ip =~ ^[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}$ ]]; then
-    OIFS=$IFS
-    IFS='.'
-    ip=($ip)
-    IFS=$OIFS
-    [[ ${ip[0]} -le 255 && ${ip[1]} -le 255 \
-      && ${ip[2]} -le 255 && ${ip[3]} -le 255 ]]
-    stat=$?
-  fi
-  return $stat
-}
-
-LABEL=$1
-echo Label: $LABEL
-echo API key: $VULTR_API_KEY
-
-VPSPLANID=${2:-29}
-
-SSHKEYID=`curl -s https://api.vultr.com/v1/sshkey/list\?api_key\=$VULTR_API_KEY | cut -d\" -f2`
-echo Got your ssh key ID $SSHKEYID:
-
-SUBID=`curl -s -d "DCID=9&VPSPLANID=$VPSPLANID&OSID=179&label=$LABEL&SSHKEYID=$SSHKEYID" https://api.vultr.com/v1/server/create\?api_key\=$VULTR_API_KEY | cut -d\" -f4`
-echo Got your SUB ID $SUBID:
-
-while :
-do
-  IP=`curl -s https://api.vultr.com/v1/server/list_ipv4\?api_key\=$VULTR_API_KEY\&SUBID\=$SUBID | cut -d\" -f6`
-  if valid_ip $IP; then
-    break
-  else
-    echo "waiting to get an IP..."
-    sleep 5
-  fi
-done
-
-echo Writing $LABEL to /etc/hosts file, needs your root password:
-sudo -- sh -c "echo $IP $LABEL \#$SUBID >> /etc/hosts"
-
-while :
-do
-  ssh -o "StrictHostKeyChecking no" -o "BatchMode yes" root@$LABEL exit
-  if [ $? == 0 ];
-  then
-    break
-  else
-    echo "waiting to be able to ssh..."
-    sleep 5
-  fi
-done
-

scripts/destroy_vultr.sh

-#!/bin/bash -eux
-
-LABEL=$1
-SUBID=`cat /etc/hosts | grep $LABEL | cut -d# -f2`
-
-echo Writing $LABEL to /etc/hosts file, needs your root password:
-sudo sed -i "/$LABEL/ d" /etc/hosts
-
-curl -d SUBID=$SUBID https://api.vultr.com/v1/server/destroy\?api_key\=$VULTR_API_KEY
-

scripts/install.sh

-#!/bin/bash -eux
-
-/usr/bin/coreos-cloudinit --from-file=/var/lib/coreos-user_data
-
-docker pull indiepaas/haproxy
-docker pull indiepaas/confd
-docker pull indiepaas/duplicity
-docker pull ibuildthecloud/systemd-docker
-
-# Create Directory structure
-mkdir -p /data/domains
-mkdir -p /data/runtime/haproxy/approved-certs
-git clone https://github.com/indiepaas/IndiePaaS.git /data/indiehosters
-
-# Install unit-files
-cp /data/indiehosters/unit-files/* /etc/systemd/system && systemctl daemon-reload
-
-systemctl enable confd
-systemctl start  confd
-systemctl enable haproxy.path
-systemctl start  haproxy.path
-
-source /etc/environment
-# Put the backup server in known_hosts files using RSA algo
-# https://github.com/paramiko/paramiko/issues/243
-ssh -o "StrictHostKeyChecking no" -o "BatchMode yes" -o "HostKeyAlgorithms=ssh-rsa" $BACKUP_DESTINATION exit
-
-# Import backup encryption key
-gpg --import /root/key.pub
-TRUSTVAR=`gpg --fingerprint root | grep Key|cut -d= -f2|sed 's/ //g'`
-TRUST_VALUE=':6:'
-echo $TRUSTVAR$TRUST_VALUE | gpg --import-ownertrust
-
-curl -L https://github.com/docker/compose/releases/download/1.2.0/docker-compose-`uname -s`-`uname -m` > /opt/bin/docker-compose
-chmod +x /opt/bin/docker-compose
-update_engine_client -update

scripts/start.sh

-#!/bin/bash -eux
-
-ROOT_DIR=$( cd "$( dirname "${BASH_SOURCE[0]}" )" && pwd )/..
-
-# check if there are already running servers
-if [ "$(cat /etc/hosts | grep -q '.test' ; echo $?)" -eq 0 ]; then
-  echo "It looks like some servers are still running."
-  echo "please run ./script.stop.sh first if you want to create new servers."
-  exit 1
-fi
-
-# Create backup for tests
-
-$ROOT_DIR/scripts/create_vultr.sh backup.test
-
-scp $ROOT_DIR/configs/backup.config root@backup.test:/var/lib/coreos-user_data
-ssh root@backup.test /usr/bin/coreos-cloudinit --from-file=/var/lib/coreos-user_data
-BACKUP_IP=`cat /etc/hosts | grep backup.test | cut -d" " -f1`
-
-# Create server for tests
-
-$ROOT_DIR/scripts/create_vultr.sh server.test 30
-cat $ROOT_DIR/configs/server.config | sed s/##BACKUP_IP##/$BACKUP_IP/g > /tmp/server.config
-scp /tmp/server.config root@server.test:/var/lib/coreos-user_data
-scp $ROOT_DIR/scripts/install.sh root@server.test:/tmp/install.sh
-ssh root@server.test /tmp/install.sh
-IP=`cat /etc/hosts | grep server.test | cut -d" " -f1`
-
-# Adds ip to /etc/hosts file
-
-echo "We'll now modify your /etc/hosts to add the test application name"
-applications=( `cat $ROOT_DIR/SUPPORTED_APPLICATIONS` )
-for application in "${applications[@]}"
-do
-  echo Writing $application.test to /etc/hosts file, needs your root password:
-  sudo -- sh -c "echo $IP $application.test  >> /etc/hosts"
-done
-
-# cleaning
-rm /tmp/server.config
-

scripts/stop.sh

-#!/bin/bash -eux
-
-ROOT_DIR=$( cd "$( dirname "${BASH_SOURCE[0]}" )" && pwd )/..
-
-$ROOT_DIR/scripts/destroy_vultr.sh backup.test
-ssh-keygen -f ~/.ssh/known_hosts -R backup.test
-$ROOT_DIR/scripts/destroy_vultr.sh server.test
-ssh-keygen -f ~/.ssh/known_hosts -R server.test
-
-applications=( `cat $ROOT_DIR/SUPPORTED_APPLICATIONS` )
-
-for application in "${applications[@]}"
-do
-  sudo sed -i "/$application.test/ d" /etc/hosts
-done
-

unit-files/b-u@.service

-[Unit]
-Description=Back up data from %i
-
-[Service]
-Type=oneshot
-TimeoutStartSec=3000
-WorkingDirectory=/data/domains/%i/
-EnvironmentFile=/etc/environment
-ExecStartPre=-/bin/docker kill clean-%i
-ExecStartPre=-/bin/docker rm clean-%i
-ExecStartPre=-/bin/docker kill backup-%i
-ExecStartPre=-/bin/docker rm backup-%i
-ExecStartPre=/bin/bash -euxc ' \
-  /bin/docker run \
-    --rm \
-    --name clean-%i \
-    -e PASSPHRASE \
-    -v /root:/root \
-    indiepaas/duplicity \
-      remove-older-than 10D \
-      sftp://${BACKUP_DESTINATION}//data/%i'
-ExecStartPre=/bin/bash -euxc '/data/domains/%i/BACKUP'
-ExecStart=/bin/bash -euxc ' \
-  /bin/docker run \
-    --rm \
-    --name backup-%i \
-    -e PASSPHRASE \
-    -h backup.container \
-    --cpu-shares=40 \
-    -v /dev/random:/dev/random \
-    -v /dev/urandom:/dev/urandom \
-    -v /root:/root \
-    -v /data/domains/%i:/backup indiepaas/duplicity \
-      --volsize 500 \
-      --full-if-older-than 7D \
-      --asynchronous-upload \
-      --encrypt-key ${ENCRYPT_KEY} \
-        /backup \
-        sftp://${BACKUP_DESTINATION}//data/%i'

unit-files/b-u@.timer

-[Unit]
-Description=Hourly backup of www and mysql content.
-
-# Dependency binding
-BindsTo=u@%i.service
-
-[Timer]
-OnActiveSec=20
-OnUnitActiveSec=60min
-AccuracySec=50min
-

unit-files/backup-u@.service

-[Unit]
-Description=Back up data from %i
-
-[Service]
-Type=oneshot
-TimeoutStartSec=3000
-WorkingDirectory=/data/domains/%i/
-EnvironmentFile=/etc/environment
-ExecStartPre=-/bin/docker kill clean-%i
-ExecStartPre=-/bin/docker rm clean-%i
-ExecStartPre=-/bin/docker kill backup-%i
-ExecStartPre=-/bin/docker rm backup-%i
-ExecStartPre=/bin/bash -euxc ' \
-  /bin/docker run \
-    --rm \
-    --name clean-%i \
-    -e PASSPHRASE \
-    -v /root:/root \
-    indiepaas/duplicity \
-      remove-older-than 10D \
-      sftp://${BACKUP_DESTINATION}//data/%i'
-ExecStartPre=/bin/bash -euxc '/data/domains/%i/BACKUP'
-ExecStart=/bin/bash -euxc ' \
-  /bin/docker run \
-    --rm \
-    --name backup-%i \
-    -e PASSPHRASE \
-    -h backup.container \
-    --cpu-shares=40 \
-    -e PASSPHRASE \
-    -v /dev/random:/dev/random \
-    -v /dev/urandom:/dev/urandom \
-    -v /root:/root \
-    -v /data/domains/%i:/backup indiepaas/duplicity \
-      --volsize 500 \
-      --full-if-older-than 7D \
-      --asynchronous-upload \
-      --encrypt-key ${ENCRYPT_KEY} \
-        /backup \
-        sftp://${BACKUP_DESTINATION}//data/%i'

unit-files/backup-u@.timer

-[Unit]
-Description=Hourly backup of www and mysql content.
-
-# Dependency binding
-BindsTo=universal@%i.service
-
-[Timer]
-OnActiveSec=20
-OnUnitActiveSec=60min
-AccuracySec=50min
-

unit-files/confd.service

-[Unit]
-Description=%p
-
-# Requirements
-Requires=docker.service
-Requires=etcd.service
-
-# Dependency ordering
-After=docker.service
-After=etcd.service
-Before=haproxy.service
-
-[Service]
-Restart=always
-RestartSec=20
-TimeoutStartSec=0
-ExecStartPre=-/usr/bin/docker kill %p
-ExecStartPre=-/usr/bin/docker rm %p
-ExecStart=/usr/bin/docker run \
-  --rm \
-  --name %p \
-  -v /data/runtime/haproxy/:/etc/haproxy/ \
-  -v /var/run/docker.sock:/var/run/docker.sock \
-  indiepaas/confd
-ExecReload=/usr/bin/docker restart %p
-ExecStop=/usr/bin/docker stop %p
-
-[Install]
-WantedBy=multi-user.target
-

unit-files/d-u@.service

-[Unit]
-Description=%p for %i etcd registration
-
-# Requirements
-Requires=etcd.service
-
-# Dependency binding
-BindsTo=u@%i.service
-
-[Service]
-Type=oneshot
-RemainAfterExit=yes
-Environment=URL=%i
-ExecStart=/bin/bash -xc ' \
-  ip=""; \
-  while [ -z $ip ]; \
-  do \
-    container_name=`echo ${URL}_web_1 | sed "s/\.//g" | sed "s/-//g"`; \
-    ip=`docker inspect --format \'{{.NetworkSettings.IPAddress}}\' $container_name`; \
-    sleep 1; \
-  done; \
-  etcdctl --peers 172.17.42.1:4001 set /services/web/%i \'{"ip":"\'$ip\'", "port":"80"}\';'
-ExecStop=-/usr/bin/etcdctl rm /services/web/%i
-

unit-files/discovery-u@.service

-[Unit]
-Description=%p for %i etcd registration
-
-# Requirements
-Requires=etcd.service
-
-# Dependency binding
-BindsTo=universal@%i.service
-
-[Service]
-Type=oneshot
-RemainAfterExit=yes
-Environment=URL=%i
-ExecStart=/bin/bash -xc ' \
-  ip=""; \
-  while [ -z $ip ]; \
-  do \
-    container_name=`echo ${URL}_web_1 | sed "s/\.//g" | sed "s/-//g"`; \
-    ip=`docker inspect --format \'{{.NetworkSettings.IPAddress}}\' $container_name`; \
-    sleep 1; \
-  done; \
-  etcdctl --peers 172.17.42.1:4001 set /services/web/%i \'{"ip":"\'$ip\'", "port":"80"}\';'
-ExecStop=-/usr/bin/etcdctl rm /services/web/%i
-