Skip to content
Hide whitespace changes
Inline Side-by-side
dockerfiles/load-balancer/confd/confd/conf.d/haproxy.toml deleted 100644 → 0
View file @ a450375d
[template]
src = "haproxy.cfg.tmpl"
dest = "/etc/haproxy/haproxy.cfg"
keys = [
"/services"
]
reload_cmd = "/docker kill --signal=\"SIGUSR1\" haproxy"
dockerfiles/load-balancer/confd/confd/templates/crt-list.tmpl deleted 100644 → 0
View file @ a450375d
{{range $app := lsdir "/services"}}
{{$hostnames := printf "/services/%s/*" $app}}
{{range gets $hostnames}}
{{$hostname := .Key}}
/etc/haproxy/approved-certs/{{base $hostname}}.pem {{base $hostname}}
{{end}}
{{end}}
dockerfiles/load-balancer/confd/confd/templates/haproxy.cfg.tmpl deleted 100644 → 0
View file @ a450375d
{{$default_service_value := getv "/services/default"}}
{{$default_service := json $default_service_value}}
{{$default_url := printf "/services/%s/%s" $default_service.app $default_service.hostname}}
{{$default_value := getv $default_url}}
{{$default := json $default_value}}
{{$default := json $default_value}}
global
maxconn 4096
user haproxy
group haproxy
defaults
mode http
option httplog
option dontlognull
retries 3
timeout connect 5000
timeout client 50000
timeout server 50000
frontend https-in
mode http
bind *:443 ssl crt-list /etc/haproxy/crt-list crt /etc/haproxy/approved-certs/{{$default_service.hostname}}.pem
reqadd X-Forwarded-Proto:\ https
{{range $app := lsdir "/services"}}
{{$hostnames := printf "/services/%s/*" $app}}
{{range gets $hostnames}}
{{$hostname := .Key}}
{{$data := json .Value}}
# {{base $hostname}}:
acl https_{{base $hostname}} hdr(host) -i {{base $hostname}}
use_backend {{base $hostname}} if https_{{base $hostname}}
{{end}}
{{end}}
default_backend {{$default_service.hostname}}
frontend http-in
bind *:80
{{range $app := lsdir "/services"}}
{{$hostnames := printf "/services/%s/*" $app}}
{{range gets $hostnames}}
{{$hostname := .Key}}
{{$data := json .Value}}
# {{base $hostname}}:
acl is_{{base $hostname}} hdr(host) -i {{base $hostname}}
use_backend {{base $hostname}} if is_{{base $hostname}}
{{end}}
{{end}}
{{range $app := lsdir "/services"}}
{{$hostnames := printf "/services/%s/*" $app}}
{{range gets $hostnames}}
{{$hostname := .Key}}
{{$data := json .Value}}
# {{base $hostname}}:
backend {{base $hostname}}
cookie SERVERID insert nocache indirect
option httpclose
option forwardfor
server Server {{$data.ip}}:{{$data.port}} cookie Server
{{end}}
{{end}}
dockerfiles/load-balancer/haproxy/Dockerfile deleted 100644 → 0
View file @ a450375d
FROM debian:jessie
ENV DEBIAN_FRONTEND noninteractive
# Install Haproxy.
RUN \
apt-get update && \
apt-get install -y haproxy && \
rm -rf /var/lib/apt/lists/*
VOLUME ["/etc/haproxy"]
ENTRYPOINT ["haproxy"]
CMD ["-d", "-f", "/etc/haproxy/haproxy.cfg"]
EXPOSE 80
EXPOSE 443
dockerfiles/load-balancer/haproxy/README.md deleted 100644 → 0
View file @ a450375d
# HAproxy
The smallest HAproxy docker image in town ;)
## Run
This image will log everything to stdout/stderr. Somehow, it respects 12-Factor App. But it uses the debug flag of HAProxy. If you have a better idea, please read this [blog post](http://pierre-o.fr/blog/2014/08/27/haproxy-coreos/) first.
```bash
docker run\
-v /haproxy-config:/etc/haproxy\
-p 80:80\
-p 443:443\
indiehosters/haproxy
```
Have a look to [indiehosters/confd](https://registry.hub.docker.com/u/indiehosters/confd/) to have automatic configuration of HAproxy backed by `etcd` or `consul`.
dockerfiles/services/apache/Dockerfile deleted 100644 → 0
View file @ a450375d
FROM debian:jessie
ENV DEBIAN_FRONTEND noninteractive
RUN apt-get update \
&& apt-get -yq install \
apache2 \
curl \
mysql-client \
libapache2-mod-php5 \
php-apc \
php-pear \
php5-curl \
php5-gd \
php5-mysql \
php5-xmlrpc \
&& rm -rf /var/lib/apt/lists/*
# Add image configuration and scripts
ADD default.conf /etc/apache2/sites-enabled/000-default.conf
ADD run.sh /run.sh
RUN sed -i "s/variables_order.*/variables_order = \"EGPCS\"/g" /etc/php5/apache2/php.ini \
&& mkdir -p /app \
&& rm -rf /var/www/html \
&& ln -s /app /var/www/html \
&& a2enmod rewrite \
&& chmod 755 /run.sh
CMD ["/run.sh"]
EXPOSE 80
dockerfiles/services/apache/default.conf deleted 100644 → 0
View file @ a450375d
<VirtualHost *:80>
# The ServerName directive sets the request scheme, hostname and port that
# the server uses to identify itself. This is used when creating
# redirection URLs. In the context of virtual hosts, the ServerName
# specifies what hostname must appear in the request's Host: header to
# match this virtual host. For the default virtual host (this file) this
# value is not decisive as it is used as a last resort host regardless.
# However, you must set it for any further virtual host explicitly.
#ServerName www.example.com
ServerAdmin webmaster@localhost
DocumentRoot /var/www/html
# Available loglevels: trace8, ..., trace1, debug, info, notice, warn,
# error, crit, alert, emerg.
# It is also possible to configure the loglevel for particular
# modules, e.g.
#LogLevel info ssl:warn
ErrorLog ${APACHE_LOG_DIR}/error.log
CustomLog ${APACHE_LOG_DIR}/access.log combined
# For most configuration files from conf-available/, which are
# enabled or disabled at a global level, it is possible to
# include a line for only one particular virtual host. For example the
# following line enables the CGI configuration for this host only
# after it has been globally disabled with "a2disconf".
#Include conf-available/serve-cgi-bin.conf
<Directory /var/www/html/>
Options -Indexes +FollowSymLinks +MultiViews
AllowOverride All
Order allow,deny
allow from all
</Directory>
</VirtualHost>
dockerfiles/services/apache/run.sh deleted 100644 → 0
View file @ a450375d
#!/bin/bash
source /etc/apache2/envvars
exec apache2 -D FOREGROUND
dockerfiles/services/known/Dockerfile deleted 100644 → 0
View file @ a450375d
FROM indiehosters/apache
# Download latest version of Known into /app
RUN mkdir -p ; cd /app ; curl -L http://assets.withknown.com/releases/known-0.6.5.tgz | tar xz
RUN mkdir /uploads
RUN chown www-data:www-data /uploads
RUN cp /app/schemas/mysql/mysql.sql /initial_db.sql
RUN mv /app/htaccess.dist /app/.htaccess
# Add script to create 'known' DB
ADD run-known.sh /run-known.sh
RUN chmod 755 /run-known.sh
# Expose environment variables
ENV DB_HOST **LinkMe**
ENV DB_PORT **LinkMe**
ENV DB_NAME known
ENV DB_USER admin
ENV DB_PASS **ChangeMe**
# to be cleaned up:
EXPOSE 80
VOLUME ["/app"]
CMD ["/run-known.sh"]
dockerfiles/services/known/README.md deleted 100644 → 0
View file @ a450375d
# Usage
````
PASS=`pwgen 20 1`
sudo docker pull debian:jessie
sudo docker build -t indiehosters/apache ../apache
sudo docker build -t indiehosters/known .
sudo docker run -d -e MYSQL_PASS=$PASS --name mysql indiehosters/mysql
sudo docker run -d -p 80:80 --link mysql:db -e DB_PASS=$PASS indiehosters/known
echo Using $PASS as the database password. Waiting for everything to be up...
sleep 20
curl -I http://localhost/
````
dockerfiles/services/known/run-known.sh deleted 100644 → 0
View file @ a450375d
#!/bin/bash
chown -R root:www-data /app
chmod -R 650 /app
chmod -R 770 /app/known-content/
chmod -R 660 /app/.htaccess
if [ -f /.mysql_db_created ]; then
exec /run.sh
exit 1
fi
DB_HOST=${DB_PORT_3306_TCP_ADDR:-${DB_HOST}}
DB_HOST=${DB_1_PORT_3306_TCP_ADDR:-${DB_HOST}}
DB_PORT=${DB_PORT_3306_TCP_PORT:-${DB_PORT}}
DB_PORT=${DB_1_PORT_3306_TCP_PORT:-${DB_PORT}}
if [ "$DB_PASS" = "**ChangeMe**" ] && [ -n "$DB_1_ENV_MYSQL_PASS" ]; then
DB_PASS="$DB_1_ENV_MYSQL_PASS"
fi
echo "=> Trying to connect to MySQL/MariaDB using:"
echo "========================================================================"
echo " Database Host Address: $DB_HOST"
echo " Database Port number: $DB_PORT"
echo " Database Name: $DB_NAME"
echo " Database Username: $DB_USER"
echo " Database Password: $DB_PASS"
echo "========================================================================"
echo "database = 'MySQL'" > /app/config.ini
echo "dbhost = '$DB_HOST'" >> /app/config.ini
echo "dbname = '$DB_NAME'" >> /app/config.ini
echo "dbuser = '$DB_USER'" >> /app/config.ini
echo "dbpass = '$DB_PASS'" >> /app/config.ini
echo "filesystem = 'local'" >> /app/config.ini
echo "uploadpath = '/uploads/'" >> /app/config.ini
chown root:www-data /app/config.ini
chmod 640 /app/config.ini
for ((i=0;i<10;i++))
do
DB_CONNECTABLE=$(mysql -u$DB_USER -p$DB_PASS -h$DB_HOST -P$DB_PORT -e 'status' >/dev/null 2>&1; echo "$?")
if [[ DB_CONNECTABLE -eq 0 ]]; then
break
fi
sleep 5
done
if [[ $DB_CONNECTABLE -eq 0 ]]; then
DB_EXISTS=$(mysql -u$DB_USER -p$DB_PASS -h$DB_HOST -P$DB_PORT -e "SHOW DATABASES LIKE '"$DB_NAME"';" 2>&1 |grep "$DB_NAME" > /dev/null ; echo "$?")
if [[ DB_EXISTS -eq 1 ]]; then
echo "=> Creating database $DB_NAME"
RET=$(mysql -u$DB_USER -p$DB_PASS -h$DB_HOST -P$DB_PORT -e "CREATE DATABASE $DB_NAME")
if [[ RET -ne 0 ]]; then
echo "Cannot create database for known"
exit RET
fi
if [ -f /initial_db.sql ]; then
echo "=> Loading initial database data to $DB_NAME"
RET=$(mysql -u$DB_USER -p$DB_PASS -h$DB_HOST -P$DB_PORT $DB_NAME < /initial_db.sql)
if [[ RET -ne 0 ]]; then
echo "Cannot load initial database data for known"
exit RET
fi
fi
echo "=> Done!"
else
echo "=> Skipped creation of database $DB_NAME – it already exists."
fi
else
echo "Cannot connect to Mysql"
exit $DB_CONNECTABLE
fi
touch /.mysql_db_created
exec /run.sh
dockerfiles/services/wordpress/Dockerfile deleted 100644 → 0
View file @ a450375d
FROM indiehosters/apache
# Download latest version of Wordpress into /app
RUN curl -L https://wordpress.org/wordpress-4.0.tar.gz | tar xz && \
mv wordpress/* app
ADD wp-config.php /app/wp-config.php
# Add script to create 'wordpress' DB
ADD run-wordpress.sh /run-wordpress.sh
RUN chmod 755 /run-wordpress.sh
# Expose environment variables
ENV DB_HOST **LinkMe**
ENV DB_PORT **LinkMe**
ENV DB_NAME wordpress
ENV DB_USER admin
ENV DB_PASS **ChangeMe**
EXPOSE 80
VOLUME ["/app/wp-content", "/app/.htaccess"]
CMD ["/run-wordpress.sh"]
dockerfiles/services/wordpress/run-wordpress.sh deleted 100644 → 0
View file @ a450375d
#!/bin/bash
chown -R root:www-data /app
chmod -R 650 /app
chmod -R 770 /app/wp-content/
chmod -R 660 /app/.htaccess
if [ -f /.mysql_db_created ]; then
exec /run.sh
exit 1
fi
DB_HOST=${DB_PORT_3306_TCP_ADDR:-${DB_HOST}}
DB_HOST=${DB_1_PORT_3306_TCP_ADDR:-${DB_HOST}}
DB_PORT=${DB_PORT_3306_TCP_PORT:-${DB_PORT}}
DB_PORT=${DB_1_PORT_3306_TCP_PORT:-${DB_PORT}}
if [ "$DB_PASS" = "**ChangeMe**" ] && [ -n "$DB_1_ENV_MYSQL_PASS" ]; then
DB_PASS="$DB_1_ENV_MYSQL_PASS"
fi
echo "=> Trying to connect to MySQL/MariaDB using:"
echo "========================================================================"
echo " Database Host Address: $DB_HOST"
echo " Database Port number: $DB_PORT"
echo " Database Name: $DB_NAME"
echo " Database Username: $DB_USER"
echo " Database Password: $DB_PASS"
echo "========================================================================"
for ((i=0;i<10;i++))
do
DB_CONNECTABLE=$(mysql -u$DB_USER -p$DB_PASS -h$DB_HOST -P$DB_PORT -e 'status' >/dev/null 2>&1; echo "$?")
if [[ DB_CONNECTABLE -eq 0 ]]; then
break
fi
sleep 5
done
if [[ $DB_CONNECTABLE -eq 0 ]]; then
DB_EXISTS=$(mysql -u$DB_USER -p$DB_PASS -h$DB_HOST -P$DB_PORT -e "SHOW DATABASES LIKE '"$DB_NAME"';" 2>&1 |grep "$DB_NAME" > /dev/null ; echo "$?")
if [[ DB_EXISTS -eq 1 ]]; then
echo "=> Creating database $DB_NAME"
RET=$(mysql -u$DB_USER -p$DB_PASS -h$DB_HOST -P$DB_PORT -e "CREATE DATABASE $DB_NAME")
if [[ RET -ne 0 ]]; then
echo "Cannot create database for wordpress"
exit RET
fi
if [ -f /initial_db.sql ]; then
echo "=> Loading initial database data to $DB_NAME"
RET=$(mysql -u$DB_USER -p$DB_PASS -h$DB_HOST -P$DB_PORT $DB_NAME < /initial_db.sql)
if [[ RET -ne 0 ]]; then
echo "Cannot load initial database data for wordpress"
exit RET
fi
fi
echo "=> Done!"
else
echo "=> Skipped creation of database $DB_NAME – it already exists."
fi
else
echo "Cannot connect to Mysql"
exit $DB_CONNECTABLE
fi
touch /.mysql_db_created
exec /run.sh
dockerfiles/services/wordpress/wp-config.php deleted 100644 → 0
View file @ a450375d
<?php
/**
* The base configurations of the WordPress.
*
* This file has the following configurations: MySQL settings, Table Prefix,
* Secret Keys, WordPress Language, and ABSPATH. You can find more information
* by visiting {@link http://codex.wordpress.org/Editing_wp-config.php Editing
* wp-config.php} Codex page. You can get the MySQL settings from your web host.
*
* This file is used by the wp-config.php creation script during the
* installation. You don't have to use the web site, you can just copy this file
* to "wp-config.php" and fill in the values.
*
* @package WordPress
*/
// ** MySQL settings - You can get this info from your web host ** //
/** The name of the database for WordPress */
define('DB_NAME', getenv('DB_NAME'));
/** MySQL database username */
define('DB_USER', getenv('DB_USER'));
/** MySQL database password */
define('DB_PASSWORD', getenv('DB_PASS'));
/** MySQL hostname */
define('DB_HOST', getenv('DB_HOST').":".getenv('DB_PORT'));
/** Database Charset to use in creating database tables. */
define('DB_CHARSET', 'utf8');
/** The Database Collate type. Don't change this if in doubt. */
define('DB_COLLATE', '');
/**#@+
* Authentication Unique Keys and Salts.
*
* Change these to different unique phrases!
* You can generate these using the {@link https://api.wordpress.org/secret-key/1.1/salt/ WordPress.org secret-key service}
* You can change these at any point in time to invalidate all existing cookies. This will force all users to have to log in again.
*
* @since 2.6.0
*/
define('AUTH_KEY', '--w,=nO-t>g:EOH>e-ZXs!7x(: W4:}1A2$E?Sn9P>TW-[=:u[nc-eQ<vIi<6|wh');
define('SECURE_AUTH_KEY', 'PlM~WQ/9-~V:-3&be`nxuaghz@JyN!]SzVr_]lAM2b?QH(d(|`.z_;1jIE4kY&f+');
define('LOGGED_IN_KEY', 'K]6*uCb-m~>zj5C1krtu:>2VT(WlI/Jl5T~Pov2-`r+Zb5s3i6&aIN$*/+k/~sLN');
define('NONCE_KEY', '~; xvP`h^{Pl9zaD#/!f@M21BAk0#sKg>*P+=1LV+FY+;HNE)%Y`4(Xq|&})fCj^');
define('AUTH_SALT', 'A2|G[jvSLB+z dy S/ S>(lLyzxDvJ8(ps1(F%~x]eRD`UHv(h*IDjye+SYV-a;O');
define('SECURE_AUTH_SALT', '9cv/Hy~a;qr]4)i*udy-/$non@_:CU0SIdm-L[WH^k_}s:Jq[)HV,Wu8na<_;ef3');
define('LOGGED_IN_SALT', '{d*4OCrk9x`|cb-4EBK7=ewJ3D]y%z,7mSEd:8?=eP![zD.O`<Uubt-u%@TA+x T');
define('NONCE_SALT', 'z6G5thFC]JIW]|ZQIBgZ?zBb^!N#3-Un=)`!Xb/,Yd8[2&}.W{ITu?=PE0oZ,<8^');
/**#@-*/
/**
* WordPress Database Table prefix.
*
* You can have multiple installations in one database if you give each a unique
* prefix. Only numbers, letters, and underscores please!
*/
$table_prefix = 'wp_';
/**
* WordPress Localized Language, defaults to English.
*
* Change this to localize WordPress. A corresponding MO file for the chosen
* language must be installed to wp-content/languages. For example, install
* de_DE.mo to wp-content/languages and set WPLANG to 'de_DE' to enable German
* language support.
*/
define('WPLANG', '');
/**
* For developers: WordPress debugging mode.
*
* Change this to true to enable the display of notices during development.
* It is strongly recommended that plugin and theme developers use WP_DEBUG
* in their development environments.
*/
define('WP_DEBUG', false);
/* That's all, stop editing! Happy blogging. */
/** Absolute path to the WordPress directory. */
if ( !defined('ABSPATH') )
define('ABSPATH', dirname(__FILE__) . '/');
/** Sets up WordPress vars and included files. */
require_once(ABSPATH . 'wp-settings.php');
/** change permisssions for plugin installation */
define("FS_METHOD","direct");
define("FS_CHMOD_DIR", 0777);
define("FS_CHMOD_FILE", 0777);
install.linux.sh 0 → 100755
View file @ 408b8f91
#!/bin/bash
#This script is tested on Debian 12
#Current version of libre.sh to be installed
LIBRE_VERSION=1.2
# System env vars : can be overrided by a values.env file next to this install file
### CONFIG : Specify you template repo ROOT without training slash (Optional) or comment if you want to supply full url for apps
APP_REPO_URL="lab.libreho.st/libre.sh/compose"
## domain handling
### CONFIG : change to your domain vendor ( namecheap, ovh , scaleway, )
DOMAIN_SERVER=namecheap
### Namecheap specific
NAMECHEAP_URL="namecheap.com"
NAMECHEAP_API_USER="pierreo"
NAMECHEAP_API_KEY=
### ovh specific (WIP)
OVH_URL="eu.api.ovh.com"
OVH_API_USER=""
OVH_API_KEY=
### Scaleway specific (WIP)
SCALEWAY_URL=""
SCALEWAY_API_USER=""
SCALEWAY_API_KEY=
### TODO : change your settings
IP="curl -s http://icanhazip.com/"
FirstName="Pierre"
LastName="Ozoux"
Address=""
PostalCode=""
Country="Portugal"
Phone="+351.967184553"
EmailAddress="pierre@ozoux.net"
City="Lisbon"
CountryCode="PT"
## Backup
BACKUP_DESTINATION=root@xxxxx:port
### CONFIG : Change your mail settings.
## SMTP
MAIL_USER=
MAIL_PASS=
MAIL_HOST=mail.indie.host
MAIL_PORT=587
MAIL_SECURITY=
# Default admin emails for apps
ADMIN_EMAIL=support@ekimia.fr
### TODO : source a setting file is present to override defaults
echo "-------- Welcome to libre.sh $LIBRE_VERSION installer"
echo "---- sourcing local values.env file if present"
source values.env
# STEP add kernel parameter
# STEP Define environnement
echo "-------- setting up system variables"
echo "APP_REPO_URL=${APP_REPO_URL}" >> /etc/environment
echo "LIBRE_VERSION=${LIBRE_VERSION}" >> /etc/environment
echo "MAIL_USER=${MAIL_USER}" >> /etc/environment
echo "MAIL_PASS=${MAIL_PASS}" >> /etc/environment
echo "MAIL_HOST=${MAIL_HOST}" >> /etc/environment
echo "MAIL_PORT=${MAIL_PORT}" >> /etc/environment
echo "MAIL_SECURITY=${MAIL_SECURITY}" >> /etc/environment
echo "ADMIN_EMAIL=${ADMIN_EMAIL}" >> /etc/environment
# STEP Install Docker
name="docker.io"
# TODO : Fix a version for docker ?
dpkg -s $name &> /dev/null
if [ $? -ne 0 ]
then
echo "$name not installed"
apt-get update
# curl -fsSL https://get.docker.com -o get-docker.sh
# sh get-docker.sh
apt install -y $name
echo "-------- Native docker installed "
else
echo "$name already installed"
fi
# STEP "install docker-compose"
echo "-------- Install native docker-compose "
# TODO : Fix a version for docker compose ?
#mkdir -p /opt/bin &&\
#dockerComposeVersion=$(curl -s https://api.github.com/repos/docker/compose/releases/latest|grep tag_name|cut -d'"' -f4) &&\
#curl -L https://github.com/docker/compose/releases/download/$dockerComposeVersion/docker-compose-`uname -s`-`uname -m` > /opt/bin/#docker-compose &&\
#chmod +x /opt/bin/docker-compose
apt install -y docker-compose
# STEP "install git"
echo "-------- Install git"
distro=$( ( lsb_release -ds || cat /etc/*release || uname -om ) 2>/dev/null | head -n1 | cut -d " " -f1)
if [[ "$distro" == "Ubuntu" || "$distro" == "Debian" ]]; then
apt-get install -y git
elif [[ "$distro" == "CentOS" || "$distro" == "AlmaLinux" || "$distro" == "Rocky" || "$distro" == "Fedora" ]]; then
yum install -y git
elif [[ "$distro" == "openSUSE" ]]; then
zypper install git
elif [[ "$distro" == "Arch" ]]; then
pacman -S git
elif [[ "$distro" == "Mageia" ]]; then
urpmi git
fi
# STEP install Libre.sh
echo " ---Removing previous install --- "
rm -rf /libre.sh
echo "-------- installing libre.sh"
git clone https://lab.libreho.st/libre.sh/compose.libre.sh.git /libre.sh
mkdir -p /{data,system}
mkdir -p /data/trash
mkdir -p /data/domains
cp /libre.sh/unit-files/* /etc/systemd/system && systemctl daemon-reload
systemctl enable web-net.service
systemctl start web-net.service
mkdir -p /opt/bin
cp /libre.sh/utils/* /opt/bin/
# STEP add /opt/bin path
echo "-------- updating PATH"
cat > /etc/profile.d/libre.sh <<EOF
export PATH=$PATH:/opt/bin
EOF
chmod 644 /etc/profile.d/libre.sh
bash /etc/profile.d/libre.sh
#TODO : reload profile to use libre right away
migrations/update-oo.sh 0 → 100644
View file @ 408b8f91
#!/bin/bash -eux
# Verify they are all in sync with git, if not, print the domain name.
for oo in `ls -d ./oo-*`;do
cd $oo
if ! git diff --exit-code --quiet; then
echo $oo
fi
cd ..
done
# Update all oo
for oo in `ls -d ./oo-*`;do
cd $oo
libre update
cd ..
done
scripts/setup.sh deleted 100755 → 0
View file @ a450375d
#!/bin/bash -eux
if [ $# -ge 1 ]; then
HOSTNAME=$1
else
echo "Usage: sh /data/indiehosters/scripts/setup.sh k1.you.indiehosters.net"
exit 1
fi
# Install cloud-config
if [ -f /tmp/vagrantfile-user-data ]; then
mv /tmp/vagrantfile-user-data /var/lib/coreos-vagrant/vagrantfile-user-data
fi
# Pull relevant docker images
docker pull indiehosters/haproxy
docker pull indiehosters/confd
docker pull indiehosters/postfix-forwarder
docker pull indiehosters/nginx
docker pull indiehosters/mysql
docker pull indiehosters/wordpress
docker pull indiehosters/known
# Install unit-files
sudo cp /data/indiehosters/unit-files/* /etc/systemd/system && systemctl daemon-reload
# Create Directory structure
mkdir -p /data/domains
mkdir -p /data/import
mkdir -p /data/runtime/haproxy/approved-certs
mkdir -p /data/runtime/postfix
# Configure and start HAproxy
cp /data/indiehosters/scripts/unsecure-certs/indiehosters.dev.pem /data/runtime/haproxy/approved-certs/default.pem
systemctl enable haproxy-confd.service
systemctl start haproxy-confd.service
systemctl enable haproxy.path
systemctl start haproxy.path
# Configure and start postfix
touch /data/runtime/postfix/hostname
touch /data/runtime/postfix/destinations
touch /data/runtime/postfix/forwards
systemctl enable postfix.service
systemctl start postfix.service
# Adds backup ssh key to the list of known hosts
ssh -o StrictHostKeyChecking=no `cat /data/BACKUP_DESTINATION` "exit"
scripts/unsecure-certs/example.dev.pem deleted 100644 → 0
View file @ a450375d
-----BEGIN CERTIFICATE-----
MIIFjDCCA3QCCQDmo57ouPDhnTANBgkqhkiG9w0BAQUFADCBhzELMAkGA1UEBhMC
UFQxETAPBgNVBAgTCFBvcnR1Z2FsMQ8wDQYDVQQHEwZMaXNib24xFTATBgNVBAoT
DEluZGllSG9zdGVyczEUMBIGA1UEAxMLZXhhbXBsZS5kZXYxJzAlBgkqhkiG9w0B
CQEWGGNvbnRhY3RAaW5kaWVob3N0ZXJzLm5ldDAeFw0xNDEwMTAxNTA3MDVaFw0x
NTEwMTAxNTA3MDVaMIGHMQswCQYDVQQGEwJQVDERMA8GA1UECBMIUG9ydHVnYWwx
DzANBgNVBAcTBkxpc2JvbjEVMBMGA1UEChMMSW5kaWVIb3N0ZXJzMRQwEgYDVQQD
EwtleGFtcGxlLmRldjEnMCUGCSqGSIb3DQEJARYYY29udGFjdEBpbmRpZWhvc3Rl
cnMubmV0MIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEAm/gbDGFtfMzT
nVZaPBQNl7SqMUMhTlDoR2C24W53QPslLuqBGkatbBs+9jWKGm2XPWeuK0uC2ot6
fIie72wghFepmzIdAb7SU0lpFVw49dk1nGVHIqwbFA3G6pYL7hY5ocD4HziNKnuj
ZA42a+rjpYl3zx/4GgcWnNyuawlsIMI8rdvuv5Mg77fGaVSXriJKQ1nTJ/Z65CDU
U6c9vzXSGkye3i0gv/8tZ0VA8xgV9FoXsLWhP7NLWDAh5+X/4aJpIFjvwzYSJLBr
3O9siP17NZuJI+7zB6KVlBeoSt2Dmt3k7fG2YrpwTzFlFBMr4Hq6T+wp+Q2J1JQP
Jm1s3lr2vJwmLVKlUspgT+zpuTAsUHOv2xxmbb+8k8ZE5II9IzAcE85C75bvL3An
fG0xQlF2+dOcXgvYFtRyeJ8fCIEjQBkOoUJq4H2inTwM2IYo060FF32jEVgFB5ZP
xuEsxEOGusUmOFsm8dIwaXv/WCPXopt1EGKFcNZWLSMC0jX0d4jZP74D1K0u4VPV
/kkQS6lUCK4qrq6tNm1R4TQlquefbfcwEhE8hVyUGcyDX6FOCL5z4lXal3gyUgbC
B50WrOST4hShb8+cWngcvDTO78kLg/OhqYZZVbpAshcF60sugEYke0xGNArWMQMU
5uxaWqPA3/gA3u4rJfWhLOwFIU+4ewsCAwEAATANBgkqhkiG9w0BAQUFAAOCAgEA
JiUIK43wZ6PHYrinKZu1wgDSbL7g3mNxSf2NiTMbu11J0JvypJc19DZHoSq5S0XH
yalW9Xeml9U8u/zHaciTwAaxWyj/gzqWyLBbd1xHTmdx+WvoG+OjcnYJYelrFzDH
bd4XumR+oHBXUsCiCIyF0d4gJZRUH8OxpDN/dD828FlcmMaeaPBl/xLm1G5ZXnPE
KNA8VR6ylo4w4HayQCjXI6qef29Y9I2Jvt9lREEpR5YoEnc1aj1ZJofeEzISfmhm
3D2BiI2Hx6mMlBwE95D+c9HZZAQyvdPyUdcTto7dOiJUGGt3EqhBRPebhe0HNlj8
L5h2/w1zChlQKWoFCZ4Uz6AJeibvPMZTEgihWtNWPyRAbjWL39GH1Emb/0m8ydaR
NmQEFL9VApMAsUm0mNHjWZQOTL5PYwgfKloXWMJ+rCd9N54sUUj5tt+Zc7G4irUN
Lnu8fYAaFC2BljANwQdy0H7pkVCYBcwwqvtKsrhX+FBGukkUjMo43FWep+fA82BU
uU6mlnPKm9vRYHC9gkKJejzFNgDZaC7p+xiwOO53oY/mFPgEVoCWwO0zAc1AXaZV
mJkkeYhRWpqmuxvqP+tpXFSfHu2Ee/RKBrrowWDOad3IlWuV7gt7Bo5ZBj+iqbPf
Km1Y5oFRF+Kp1NoIL527LHGj7dDV8eXinRIb7CPtbL4=
-----END CERTIFICATE-----
-----BEGIN RSA PRIVATE KEY-----
MIIJKQIBAAKCAgEAm/gbDGFtfMzTnVZaPBQNl7SqMUMhTlDoR2C24W53QPslLuqB
GkatbBs+9jWKGm2XPWeuK0uC2ot6fIie72wghFepmzIdAb7SU0lpFVw49dk1nGVH
IqwbFA3G6pYL7hY5ocD4HziNKnujZA42a+rjpYl3zx/4GgcWnNyuawlsIMI8rdvu
v5Mg77fGaVSXriJKQ1nTJ/Z65CDUU6c9vzXSGkye3i0gv/8tZ0VA8xgV9FoXsLWh
P7NLWDAh5+X/4aJpIFjvwzYSJLBr3O9siP17NZuJI+7zB6KVlBeoSt2Dmt3k7fG2
YrpwTzFlFBMr4Hq6T+wp+Q2J1JQPJm1s3lr2vJwmLVKlUspgT+zpuTAsUHOv2xxm
bb+8k8ZE5II9IzAcE85C75bvL3AnfG0xQlF2+dOcXgvYFtRyeJ8fCIEjQBkOoUJq
4H2inTwM2IYo060FF32jEVgFB5ZPxuEsxEOGusUmOFsm8dIwaXv/WCPXopt1EGKF
cNZWLSMC0jX0d4jZP74D1K0u4VPV/kkQS6lUCK4qrq6tNm1R4TQlquefbfcwEhE8
hVyUGcyDX6FOCL5z4lXal3gyUgbCB50WrOST4hShb8+cWngcvDTO78kLg/OhqYZZ
VbpAshcF60sugEYke0xGNArWMQMU5uxaWqPA3/gA3u4rJfWhLOwFIU+4ewsCAwEA
AQKCAgBGDvYnY4QIsQDFBcrWfbN1V4OzSRIm2ZTcqwa60CHlIGqdXlzLbr/rdXmc
ooP8RwnOXUoQzIRkoo5MbhnmNc2NZMscmTAKXqqfGrSHEbvMQtsf+yYu3tvy8BVP
vkJxma4diE5rx70xPgQwp2muo/3Jl6wnb5bEKjbwEviNv9fABz+2YLond3Et/IC1
Q3g2kdSF2E1PABpHaq+1O8QypXxQr+YUqnSxiW/dmXAJQeJqtiU6DPv3XxQS8tvo
DJoZwhgynYBlUV5o+I4a2bkI98NmWw0JBQZJgbBqqw2/Qy0gXVe9wftI8bINAIUE
tW/aD4as68oWwwwMXs1HV5O1dWqqrncx9SGNUSO+oqZPzjPBUtGpBj8sBOA6AgaU
ohnUhx4NLd3KEl+3yLgyv16VsW3XkOCCdtEwKfhLMfPM95LtOx0z1YsGP2DHQIb1
Q7lv81n5YCThIBxiRbDi46GgOAFukORb7rKfzu18qxiWyLLJ79QyONCdDZWU2jgA
8t3Fwzv28nXIetfxoRj8v0+B3NPxWS2StZ8Gltj/zVdbqiUyAU4TeV655la9bI2R
5NEQWW0q66BdJsSEnJ+6etM3yvaJ6rGw0Fz28JJuIwmc2uod14MgXFv3/ylg3bBK
Ddhuaw78iOz+hYq2rOk6xGB1q+HTTc61bFe1iKouTrVKT2jBoQKCAQEAyzfVyfzv
NS43ZcEe/MC+S8+zbjoxsS6b57hB6+lyokz2/YmliTpsmMgHnPSAWDUtXanGQjFY
IsDpt3r1x9wyOuNblKN4Xj/LqK+8ZS+qIwmFc84r9b7I8Evm3YOsYkUSRoroDhz1
eU09Df0YdLJaSTcJTvMm2LX+h3Yy6UTkHAg8nxI3PDF4SonV4QSf1LDWw1HGPiLv
quBPHGOrgcXvEpNOuOCzjmW90LKrRyk1V1rX9F+8e+Dr1rWpJKLFYVz6DgB5NFEI
rlz3PaZwQSdaeTMURt2Z9MErC3GHtGc+saf1vLdhQjoD2KAwG9FsqdtiaGX86Qh0
3Llblry0FkOHQwKCAQEAxHqkuAWS9DOcZPTs4VlQHItnHI+qRcp8hQZtz/8R204O
x8IbmMc7BQLLNKZj8yOP13d1uL+2RB3wJON6Z+GzfwLPG5ZuaklZv1j0c1r6/WZf
E9AMxO3IgC0o5tYxfB9JIPUfDbm7fpm2EZvlIK//29m5iC5Ii6E9PIbWenTjXpvy
NjDzRJDXoEa7lDzY0nKdwiiDrK+Hfte2CkS+4ESQALw8l84B8EPJ9mXFiFR4l6CG
ZlI8uLdb/FraChC1qgOknonEGS7WLwfxKhXoEo2X0cTDjR7awUtrXVB0yfpEGzsu
gxvmDMKudwBGM6BotkLuE337t44gUajiG/GB7syMmQKCAQEAuHespzfkY9/aBZHy
cPj9RI/7jplgtjda6lLF9EHq/wziP2+NRi40mdMppf4D6w4KajVMdJWaLaH0Bcum
A5AMQIxVe22QO+2pDyzG1QsZY8imzWJfYSmX+RjNLlLyThno5wP8daMv6LaGL4aJ
hpTHhCJjXrk1kA5UR96xhDI25oNLlBHS9d7qFK9d6G5sL4N+z7oRPCI2cGRBK8IF
0z07MR9qnEPMefw8+47UDzqG4w7hbUDiNYkMS9CHA2yFw0XE7qTbYPQV70EQZXQJ
/fqdE9ucEl/h+tzGGBMsXkRCEr4mQPItZRKIn0F5qibGfsFYaO/7TgWRHzNawk/1
ISiXRQKCAQBGXBkSoURf2P+fk6okhORQZId3TedO+NUgmg3HF3OgklJurI9PZcE3
6Sk14IQYdNq08V2h3F18BTCTNTcHbmbmC+541aUSwNO31zYq/SC2j+tqX+3Cs9hC
NmnYSEoORfHdMIp/UszW6Fqv8aDa1MwOQejT4KcwAXy5aRvzXFpz7eqOB3eGTUw6
ZDoWOrf2nP7robCNrYobHUpeYQHts//Rk5crUaWWEeCIMSfMy1soCV830ylViKwT
McG1KwizKnzQHUuxLPmce/6b8J5bzoLYptrUdYEnCUgYcZBxKAMtsULVxq7aUPlD
OkDpif8VjeBN8Kass+PU+mKGWTULfAq5AoIBAQCRd1bJmD/nAB90B19yzat7i1eZ
r6BUpMQ6vTMDA/u9uxn7A92kcZ6PFIPN3ez4ThIgSonAQHBKQYIblrDgPEQ/ixqe
YoKmvVQg5/fEXcpBZbKy3oNr437ZDWShbkPVsV7SvIsye3ckFQf/ASSOtKLY6E2Z
YQC1S9lXaIv7LOpZpIbGnrQuw/uXkuuW682vIjOsS+zGaq+UdLHVv0ZcTqbbmurh
HaWktTlH8htMK65JgvRv2Ze4a+xe83vCtinmK45yFdFJvkyVkTGGtE7wVeKaCyH/
2PRNVB8SMzV2lmvsr0jXi7FS8slvxzsLeMbLe+sYStIhatOYoBggnhSi/p9j
-----END RSA PRIVATE KEY-----