Skip to content
Snippets Groups Projects

Compare revisions

Changes are shown as if the source revision was being merged into the target revision. Learn more about comparing revisions.

Source

Select target project
No results found

Target

Select target project
  • lupa/compose.libre.sh
  • libre.sh/compose.libre.sh
  • ecobytes/compose.libre.sh
  • jordan.mitchell/compose.libre.sh
  • timothee/compose.libre.sh
5 results
Show changes
Hide whitespace changes
Inline Side-by-side
Showing
with 194 additions and 506 deletions
hotfixes/2015-04-26-upgrade-wordpress.sh deleted 100644 → 0
View file @ c856454d
docker pull indiepaas/wordpress
cd /data/domains
for domain in `ls .`
do
if cat $domain/.env|grep APPLICATION=wordpress
then
systemctl restart web@$domain
/opt/bin/docker-enter $domain wp --allow-root core update-db --path=/app
fi
done
install.linux.sh 0 → 100755
View file @ 408b8f91
#!/bin/bash
#This script is tested on Debian 12
#Current version of libre.sh to be installed
LIBRE_VERSION=1.2
# System env vars : can be overrided by a values.env file next to this install file
### CONFIG : Specify you template repo ROOT without training slash (Optional) or comment if you want to supply full url for apps
APP_REPO_URL="lab.libreho.st/libre.sh/compose"
## domain handling
### CONFIG : change to your domain vendor ( namecheap, ovh , scaleway, )
DOMAIN_SERVER=namecheap
### Namecheap specific
NAMECHEAP_URL="namecheap.com"
NAMECHEAP_API_USER="pierreo"
NAMECHEAP_API_KEY=
### ovh specific (WIP)
OVH_URL="eu.api.ovh.com"
OVH_API_USER=""
OVH_API_KEY=
### Scaleway specific (WIP)
SCALEWAY_URL=""
SCALEWAY_API_USER=""
SCALEWAY_API_KEY=
### TODO : change your settings
IP="curl -s http://icanhazip.com/"
FirstName="Pierre"
LastName="Ozoux"
Address=""
PostalCode=""
Country="Portugal"
Phone="+351.967184553"
EmailAddress="pierre@ozoux.net"
City="Lisbon"
CountryCode="PT"
## Backup
BACKUP_DESTINATION=root@xxxxx:port
### CONFIG : Change your mail settings.
## SMTP
MAIL_USER=
MAIL_PASS=
MAIL_HOST=mail.indie.host
MAIL_PORT=587
MAIL_SECURITY=
# Default admin emails for apps
ADMIN_EMAIL=support@ekimia.fr
### TODO : source a setting file is present to override defaults
echo "-------- Welcome to libre.sh $LIBRE_VERSION installer"
echo "---- sourcing local values.env file if present"
source values.env
# STEP add kernel parameter
# STEP Define environnement
echo "-------- setting up system variables"
echo "APP_REPO_URL=${APP_REPO_URL}" >> /etc/environment
echo "LIBRE_VERSION=${LIBRE_VERSION}" >> /etc/environment
echo "MAIL_USER=${MAIL_USER}" >> /etc/environment
echo "MAIL_PASS=${MAIL_PASS}" >> /etc/environment
echo "MAIL_HOST=${MAIL_HOST}" >> /etc/environment
echo "MAIL_PORT=${MAIL_PORT}" >> /etc/environment
echo "MAIL_SECURITY=${MAIL_SECURITY}" >> /etc/environment
echo "ADMIN_EMAIL=${ADMIN_EMAIL}" >> /etc/environment
# STEP Install Docker
name="docker.io"
# TODO : Fix a version for docker ?
dpkg -s $name &> /dev/null
if [ $? -ne 0 ]
then
echo "$name not installed"
apt-get update
# curl -fsSL https://get.docker.com -o get-docker.sh
# sh get-docker.sh
apt install -y $name
echo "-------- Native docker installed "
else
echo "$name already installed"
fi
# STEP "install docker-compose"
echo "-------- Install native docker-compose "
# TODO : Fix a version for docker compose ?
#mkdir -p /opt/bin &&\
#dockerComposeVersion=$(curl -s https://api.github.com/repos/docker/compose/releases/latest|grep tag_name|cut -d'"' -f4) &&\
#curl -L https://github.com/docker/compose/releases/download/$dockerComposeVersion/docker-compose-`uname -s`-`uname -m` > /opt/bin/#docker-compose &&\
#chmod +x /opt/bin/docker-compose
apt install -y docker-compose
# STEP "install git"
echo "-------- Install git"
distro=$( ( lsb_release -ds || cat /etc/*release || uname -om ) 2>/dev/null | head -n1 | cut -d " " -f1)
if [[ "$distro" == "Ubuntu" || "$distro" == "Debian" ]]; then
apt-get install -y git
elif [[ "$distro" == "CentOS" || "$distro" == "AlmaLinux" || "$distro" == "Rocky" || "$distro" == "Fedora" ]]; then
yum install -y git
elif [[ "$distro" == "openSUSE" ]]; then
zypper install git
elif [[ "$distro" == "Arch" ]]; then
pacman -S git
elif [[ "$distro" == "Mageia" ]]; then
urpmi git
fi
# STEP install Libre.sh
echo " ---Removing previous install --- "
rm -rf /libre.sh
echo "-------- installing libre.sh"
git clone https://lab.libreho.st/libre.sh/compose.libre.sh.git /libre.sh
mkdir -p /{data,system}
mkdir -p /data/trash
mkdir -p /data/domains
cp /libre.sh/unit-files/* /etc/systemd/system && systemctl daemon-reload
systemctl enable web-net.service
systemctl start web-net.service
mkdir -p /opt/bin
cp /libre.sh/utils/* /opt/bin/
# STEP add /opt/bin path
echo "-------- updating PATH"
cat > /etc/profile.d/libre.sh <<EOF
export PATH=$PATH:/opt/bin
EOF
chmod 644 /etc/profile.d/libre.sh
bash /etc/profile.d/libre.sh
#TODO : reload profile to use libre right away
migrations/update-oo.sh 0 → 100644
View file @ 408b8f91
#!/bin/bash -eux
# Verify they are all in sync with git, if not, print the domain name.
for oo in `ls -d ./oo-*`;do
cd $oo
if ! git diff --exit-code --quiet; then
echo $oo
fi
cd ..
done
# Update all oo
for oo in `ls -d ./oo-*`;do
cd $oo
libre update
cd ..
done
scripts/create_vultr.sh deleted 100755 → 0
View file @ c856454d
#!/bin/bash
function valid_ip()
{
local ip=$1
local stat=1
if [[ $ip =~ ^[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}$ ]]; then
OIFS=$IFS
IFS='.'
ip=($ip)
IFS=$OIFS
[[ ${ip[0]} -le 255 && ${ip[1]} -le 255 \
&& ${ip[2]} -le 255 && ${ip[3]} -le 255 ]]
stat=$?
fi
return $stat
}
LABEL=$1
echo Label: $LABEL
echo API key: $VULTR_API_KEY
VPSPLANID=${2:-29}
SSHKEYID=`curl -s https://api.vultr.com/v1/sshkey/list\?api_key\=$VULTR_API_KEY | cut -d\" -f2`
echo Got your ssh key ID $SSHKEYID:
SUBID=`curl -s -d "DCID=9&VPSPLANID=$VPSPLANID&OSID=179&label=$LABEL&SSHKEYID=$SSHKEYID" https://api.vultr.com/v1/server/create\?api_key\=$VULTR_API_KEY | cut -d\" -f4`
echo Got your SUB ID $SUBID:
while :
do
IP=`curl -s https://api.vultr.com/v1/server/list_ipv4\?api_key\=$VULTR_API_KEY\&SUBID\=$SUBID | cut -d\" -f6`
if valid_ip $IP; then
break
else
echo "waiting to get an IP..."
sleep 5
fi
done
echo Writing $LABEL to /etc/hosts file, needs your root password:
sudo -- sh -c "echo $IP $LABEL \#$SUBID >> /etc/hosts"
while :
do
ssh -o "StrictHostKeyChecking no" -o "BatchMode yes" root@$LABEL exit
if [ $? == 0 ];
then
break
else
echo "waiting to be able to ssh..."
sleep 5
fi
done
scripts/destroy_vultr.sh deleted 100755 → 0
View file @ c856454d
#!/bin/bash -eux
LABEL=$1
SUBID=`cat /etc/hosts | grep $LABEL | cut -d# -f2`
echo Writing $LABEL to /etc/hosts file, needs your root password:
sudo sed -i "/$LABEL/ d" /etc/hosts
curl -d SUBID=$SUBID https://api.vultr.com/v1/server/destroy\?api_key\=$VULTR_API_KEY
scripts/install.sh deleted 100755 → 0
View file @ c856454d
#!/bin/bash -eux
/usr/bin/coreos-cloudinit --from-file=/var/lib/coreos-user_data
docker pull indiepaas/rsyslog
docker pull indiepaas/haproxy
docker pull indiepaas/confd
docker pull indiepaas/postfix
docker pull indiepaas/dovecot
docker pull indiepaas/nginx
docker pull indiepaas/mysql
docker pull indiepaas/wordpress
docker pull indiepaas/known
docker pull indiepaas/piwik
docker pull indiepaas/owncloud
docker pull indiepaas/duplicity
docker pull ibuildthecloud/systemd-docker
# Create Directory structure
mkdir -p /data/domains
mkdir -p /data/runtime/haproxy/approved-certs
git clone https://github.com/indiepaas/IndiePaaS.git /data/indiehosters
# Install unit-files
cp /data/indiehosters/unit-files/* /etc/systemd/system && systemctl daemon-reload
# Configure and start HAproxy
cp /data/indiehosters/tests/unsecure-certs/indiehosters.dev.pem /data/runtime/haproxy/approved-certs/default.pem
systemctl enable rsyslog
systemctl start rsyslog
systemctl enable confd
systemctl start confd
systemctl enable haproxy.path
systemctl start haproxy.path
source /etc/environment
# Put the backup server in known_hosts files using RSA algo
# https://github.com/paramiko/paramiko/issues/243
ssh -o "StrictHostKeyChecking no" -o "BatchMode yes" -o "HostKeyAlgorithms=ssh-rsa" $BACKUP_DESTINATION exit
# Import backup encryption key
gpg --import /root/key.pub
TRUSTVAR=`gpg --fingerprint root | grep Key|cut -d= -f2|sed 's/ //g'`
TRUST_VALUE=':6:'
echo $TRUSTVAR$TRUST_VALUE | gpg --import-ownertrust
docker run --rm -v /opt/bin:/target jpetazzo/nsenter
curl -L https://github.com/docker/compose/releases/download/1.2.0/docker-compose-`uname -s`-`uname -m` > /opt/bin/docker-compose
chmod +x /opt/bin/docker-compose
update_engine_client -update
scripts/start.sh deleted 100755 → 0
View file @ c856454d
#!/bin/bash -eux
ROOT_DIR=$( cd "$( dirname "${BASH_SOURCE[0]}" )" && pwd )/..
# check if there are already running servers
if [ "$(cat /etc/hosts | grep -q '.test' ; echo $?)" -eq 0 ]; then
echo "It looks like some servers are still running."
echo "please run ./script.stop.sh first if you want to create new servers."
exit 1
fi
# Create backup for tests
$ROOT_DIR/scripts/create_vultr.sh backup.test
scp $ROOT_DIR/configs/backup.config root@backup.test:/var/lib/coreos-user_data
ssh root@backup.test /usr/bin/coreos-cloudinit --from-file=/var/lib/coreos-user_data
BACKUP_IP=`cat /etc/hosts | grep backup.test | cut -d" " -f1`
# Create server for tests
$ROOT_DIR/scripts/create_vultr.sh server.test 30
cat $ROOT_DIR/configs/server.config | sed s/##BACKUP_IP##/$BACKUP_IP/g > /tmp/server.config
scp /tmp/server.config root@server.test:/var/lib/coreos-user_data
scp $ROOT_DIR/scripts/install.sh root@server.test:/tmp/install.sh
ssh root@server.test /tmp/install.sh
IP=`cat /etc/hosts | grep server.test | cut -d" " -f1`
# Adds ip to /etc/hosts file
echo "We'll now modify your /etc/hosts to add the test application name"
applications=( `cat $ROOT_DIR/SUPPORTED_APPLICATIONS` )
for application in "${applications[@]}"
do
echo Writing $application.test to /etc/hosts file, needs your root password:
sudo -- sh -c "echo $IP $application.test >> /etc/hosts"
done
# cleaning
rm /tmp/server.config
scripts/stop.sh deleted 100755 → 0
View file @ c856454d
#!/bin/bash -eux
ROOT_DIR=$( cd "$( dirname "${BASH_SOURCE[0]}" )" && pwd )/..
$ROOT_DIR/scripts/destroy_vultr.sh backup.test
ssh-keygen -f ~/.ssh/known_hosts -R backup.test
$ROOT_DIR/scripts/destroy_vultr.sh server.test
ssh-keygen -f ~/.ssh/known_hosts -R server.test
applications=( `cat $ROOT_DIR/SUPPORTED_APPLICATIONS` )
for application in "${applications[@]}"
do
sudo sed -i "/$application.test/ d" /etc/hosts
done
tests/clean.sh deleted 100755 → 0
View file @ c856454d
#!/bin/bash -eux
source /etc/environment
image=$1
systemctl stop web@$image.test
sleep 20
systemctl list-units | grep -c "$image\.test" | grep 0
rm -rf /data/runtime/domains/$image.test
rm -rf /data/domains/$image.test
ssh $BACKUP_DESTINATION "rm -rf $image.test"
tests/email.sh deleted 100755 → 0
View file @ c856454d
#!/bin/bash -eux
mkdir -p /data/domains/mail/dovecot
mkdir -p /data/domains/mail/TLS/
mkdir -p /data/domains/mail/static/www-content
mkdir -p /data/runtime/domains/mail/mysql/db_files
mkdir -p /data/domains/mail/mysql
mkdir /data/domains/mail/nginx
touch /data/domains/mail/nginx/.env
pass=`echo $RANDOM ${date} | md5sum | base64 | cut -c-10`
echo MYSQL_PASS=$pass > /data/domains/mail/mysql/.env
cat /data/domains/mail/mysql/.env | sed s/MYSQL_PASS/DB_PASS/ > /data/domains/mail/.env;
echo HOSTNAME=pierre-o.fr >> /data/domains/mail/.env
echo APPLICATION=nginx >> /data/domains/mail/.env
echo DOCKER_ARGUMENTS="-v /data/domains/mail/static/www-content:/app" >> /data/domains/mail.env
openssl genrsa -out /data/domains/mail/TLS/ssl_private_key.pem 2048
openssl req -new -key /data/domains/mail/TLS/ssl_private_key.pem -out /data/domains/mail/TLS/ssl_cert_sign_req.csr \
-sha256 -subj "/C=PT/ST=/L=/O=/CN=dovecot.test"
openssl x509 -req -days 365 \
-in /data/domains/mail/TLS/ssl_cert_sign_req.csr -signkey /data/domains/mail/TLS/ssl_private_key.pem -out /data/domains/mail/TLS/ssl_certificate.pem
openssl dhparam -out /data/domains/mail/TLS/dh2048.pem 2048
cat /data/domains/mail/TLS/ssl_certificate.pem /data/domains/mail/TLS/ssl_private_key.pem > /data/domains/mail/TLS/mail.pem
systemctl enable dovecot
systemctl enable postfix
systemctl start dovecot
systemctl start postfix
tests/finish.sh deleted 100755 → 0
View file @ c856454d
#!/bin/bash -eux
ROOT_DIR=$( cd "$( dirname "${BASH_SOURCE[0]}" )" && pwd )/..
systemctl list-units | grep -c failed | grep 0
applications=( `cat $ROOT_DIR/SUPPORTED_APPLICATIONS` )
for application in "${applications[@]}"
do
curl -Lk $application.test
/data/indiehosters/tests/clean.sh $application
done
tests/force-clean.sh deleted 100755 → 0
View file @ c856454d
#!/bin/bash -eux
source /etc/environment
image=$1
systemctl stop web@$image.test
if [ "$image" == "static" ]; then
systemctl disable $image@$image.test
else
systemctl disable lamp@$image.test
fi
systemctl stop *@$image.test.timer
systemctl stop *@$image.test
systemctl reset-failed
rm -rf /data/runtime/domains/$image.test
rm -rf /data/domains/$image.test
ssh $BACKUP_DESTINATION "rm -rf $image.test"
systemctl list-units | grep "$image\.test"
tests/start.sh deleted 100755 → 0
View file @ c856454d
#!/bin/bash -eux
ROOT_DIR=$( cd "$( dirname "${BASH_SOURCE[0]}" )" && pwd )/..
applications=( `cat $ROOT_DIR/SUPPORTED_APPLICATIONS` )
for application in "${applications[@]}"
do
/data/indiehosters/tests/test.sh $application
done
tests/test.sh deleted 100755 → 0
View file @ c856454d
#!/bin/bash -eux
image=$1
# prepare data
/data/indiehosters/utils/provision.sh -s -e test@test.org -a $image -u $image.test -f /data/indiehosters/tests/unsecure-certs/indiehosters.dev.pem
if [ "$image" == "static" ]; then
sleep 30
else
sleep 70
fi
systemctl list-units | grep "$image\.test" | grep -c failed | grep 0
curl -Lk $image.test
tests/unsecure-certs/indiehosters.dev.pem deleted 100644 → 0
View file @ c856454d
-----BEGIN CERTIFICATE-----
MIIFljCCA34CCQDXgLjASWHpmDANBgkqhkiG9w0BAQUFADCBjDELMAkGA1UEBhMC
UFQxETAPBgNVBAgTCFBvcnR1Z2FsMQ8wDQYDVQQHEwZMaXNib24xFTATBgNVBAoT
DEluZGllSG9zdGVyczEZMBcGA1UEAxMQaW5kaWVob3N0ZXJzLmRldjEnMCUGCSqG
SIb3DQEJARYYY29udGFjdEBpbmRpZWhvc3RlcnMubmV0MB4XDTE0MTAxMDE0MzY1
NVoXDTE1MTAxMDE0MzY1NVowgYwxCzAJBgNVBAYTAlBUMREwDwYDVQQIEwhQb3J0
dWdhbDEPMA0GA1UEBxMGTGlzYm9uMRUwEwYDVQQKEwxJbmRpZUhvc3RlcnMxGTAX
BgNVBAMTEGluZGllaG9zdGVycy5kZXYxJzAlBgkqhkiG9w0BCQEWGGNvbnRhY3RA
aW5kaWVob3N0ZXJzLm5ldDCCAiIwDQYJKoZIhvcNAQEBBQADggIPADCCAgoCggIB
AKBOylYEoL1P3q7skTJsRA8yQj6fVHWHS3kPg6tcVavZawc6tRxIiDc41/EWjL7i
Owb6io2UbKaD/g8695CFER9FvcW1iukrC/tUV5/AVd0SDcvS3RnGUndKh82HCNrM
rUDU/XH8smEpfjuXrq0YPuiGbY1zSLQKirjYTiasJODfGkxSbobNfjdL7aEo+3HX
BQq5mGIj9A4PYmeyFGkHCN8tRvf4lY1KfPJoWtDL4kmO4SFNZ4FAehH9AJ6vTN8y
MFcHtFzpp2636TYTBQsLu48nrKs6MqOOyU0R/Ufw9QjiWDLo3Co6pcCTmVf16skO
odg9BNdEhMXefpiEE1NOL6ZOkSUG5WSY0Q5Il649QcJOYzw2A0Nk3IOxoIexXat4
siCgSlNfgyRmBn5HNcZo5aEDf9+3gEqFzEFSyH3ClIApC7RePbpPvsCAgpagBOXC
PgO2w2VW9HfNHkwpF3Yqn7cqw0FQKwKREufVdnSvs9fgFlMZnqA3sMym8o99Fcvq
WBaTuh54ePfNGmawPt1N8vUZUYXXOasWKmnjfan3S1rsNAf5M2ntLqEJRDwihdSm
ZSO+B51hDO5jzHoqxHwA71CwUAp4hRO83xR6ziB1KR2834I/7LBzbpZ0EWm9adez
8V+dwgBhTt0LYEUGLJN22XRi9d4RPhnRJpSLPV/h0Fa/AgMBAAEwDQYJKoZIhvcN
AQEFBQADggIBAFzYeGiomhKZW//aUM4V4RLMVIf0B4uixSMxZGQIUWVtYckmyG2N
t8qNBHAQ3gl811NqnqestIQ4DpGkNQRCv/iDa5OwdLJHTOQUxajUE/1xmidHtpzR
ReBZvW48k0dLEM2gmIrt7qQwqqecjlWjvSQlvJxYWrn6TBAkFL6Quu8gfoPK9/cE
HG/aRQ0PCywGV20LSZ+J03LN7MlACClgVTB7dJuWIN0dNi7TsqpIupk11ZQ3ybBY
WPQmLnIiCAijL69kBmBynLvJT5XDy2C4ChyzZ5Y73CXhgJwCqOZJwbO7Doig9PZQ
yVLtui18W3uVQ7ZlIxCAQUeFzSkZf3/XNlr2FkP+efw4LLGH8kiKMsyKuoLuthO1
1YrXvI0sjuDOxQwrlNQ2CLVANLBpUMH2U1aiYbA6iICSHr8ORAc84StgG9mFLeyN
w32/04MGPvZfset8gRCOuvA2sLTjylqh0IpaPWlnT77neqOFtETtzJ+3UuOcdfnN
t2bxqimHT8WhBB823WajWlLdXcc902e9LLhe9M1/bwOqFIIlKDqtCndjyXpe/qhA
s0YB8TqJLxJQqvdnmYiBFfGrDTgNBpjt6AKJHRGd4xgsYsmQ3zLJ0Z8mNNQhlLf/
osGXa2s/ZX7ernfvSDQIOB70gohCLFtBok0unyBJhtHxXmZ7UmpuIanx
-----END CERTIFICATE-----
-----BEGIN RSA PRIVATE KEY-----
MIIJKAIBAAKCAgEAoE7KVgSgvU/eruyRMmxEDzJCPp9UdYdLeQ+Dq1xVq9lrBzq1
HEiINzjX8RaMvuI7BvqKjZRspoP+Dzr3kIURH0W9xbWK6SsL+1RXn8BV3RINy9Ld
GcZSd0qHzYcI2sytQNT9cfyyYSl+O5eurRg+6IZtjXNItAqKuNhOJqwk4N8aTFJu
hs1+N0vtoSj7cdcFCrmYYiP0Dg9iZ7IUaQcI3y1G9/iVjUp88mha0MviSY7hIU1n
gUB6Ef0Anq9M3zIwVwe0XOmnbrfpNhMFCwu7jyesqzoyo47JTRH9R/D1COJYMujc
KjqlwJOZV/XqyQ6h2D0E10SExd5+mIQTU04vpk6RJQblZJjRDkiXrj1Bwk5jPDYD
Q2Tcg7Ggh7Fdq3iyIKBKU1+DJGYGfkc1xmjloQN/37eASoXMQVLIfcKUgCkLtF49
uk++wICClqAE5cI+A7bDZVb0d80eTCkXdiqftyrDQVArApES59V2dK+z1+AWUxme
oDewzKbyj30Vy+pYFpO6Hnh4980aZrA+3U3y9RlRhdc5qxYqaeN9qfdLWuw0B/kz
ae0uoQlEPCKF1KZlI74HnWEM7mPMeirEfADvULBQCniFE7zfFHrOIHUpHbzfgj/s
sHNulnQRab1p17PxX53CAGFO3QtgRQYsk3bZdGL13hE+GdEmlIs9X+HQVr8CAwEA
AQKCAgEAgDpF8sRE5ukqUHV+Nv0O+7DR+FFuN4x/PFjCk6GKDaodyGyXTgZenv1j
Db9h2ZYQbSafCVy+A/v0jq42NG2cIo2gnLL4aEY8kU8HwAsTI4A7dNw4a1ONx0ng
ku/+jzXFJ+S2ziS5cqrEBFryKBcKyugsXUbn0svT5sNuz9RGs3ECEialrkJVQVoE
vDKR3p+Fsux+DZKAt3Zq2lNBrDkqSYpoCBXZWmlIxIXgjr9nRDt7rS3DK0ot2pGr
m0LRlH8K17Kb/O4RNaj6bHyOPiWmY33yygwFUXr3XiSTmqYM+oxCzIYjBcxfpUjr
EcbthOGlZ9h3NNHj+npcfRa4dpxF09c8gW2AVG+nXVhciZpcnLDZ5z/Nd/510axU
0m0PlCPfh+3L5tiia9k7zlRxjyzER/GofNiJ6v8oo8YZFvhVdbBBQoGs8aadSLH9
5Kf3fPwm8ZhmmOTVWbFJZul/3o0Ho3yFxMVMq86Qu8Pm+h6Q1Pn7yZsXMg/ECXP/
/ErBaWA+zuBZkgCSbdZk58cxkN45PGWGkoHHACVUvCbG8IuYQ989JeCy5w01FgFV
IXm4squNtWgyhLZgvkhl2Hnc4pR+iYJRgh+ouyv7nELQde7hpM6YJLLUpMfjo7r5
lJyWasZtb9E4iEl4/JrdQYMJCDEyBfDN6sTKr1Ai2txjzQA4uOECggEBAM9LDpJ+
RR+b1rdYgtS6VL5OR1bWUHSi1W9L8Xz20wSQGbRxfEJfWmSslOU0COXvA01eOxQ9
OvHcWxISiHdiM3QxpYNtbsgATCQbsSgegMHpbaEgJPadEkUWxdWejbtpA1ypKmGg
iFB5H5IIcz65wWNFC3g29wrXyBsRevi+K/PTbwOzOlad7AAcbuuHiv73wxi5xo1P
i6IZfjgQMKzD9AJbACAAqyvg70XT+3vlIo5ABKOw1kLuejbNBaXd1af7OfVXReL7
BGGJmG6IzI0qP9q7fX3Iq4Gx34Sf0TSomSyW4kxtsDMPXVURMU4ssxeshh0zYFsZ
GQgsr36mOW5cvbkCggEBAMX5gJTrAW47GgObnQWtYIHRvYO0g7Ge1fN12VzHLiap
3a3RfhEDTVKkiugO1GxRC1NY0tcDUwrUzS/00ovDZ/8dVqMHITFj6zfA8aX6vnzA
TnoUWINawPxFBB6FrEuXyGIVbykinuvFyk+z/DzgKzL8X5MaLymYSV+eT+9jjLHO
pJ37S86evkljq24Ow6KB1rKb8mMsk8GDZB4JalDdGWzlG1qJkHMg7ULkEHx2lDTW
mcuHwRtMimFPCBGqH0i+p3O1IUkodJPNYbldrEfAkzRdD4lH9B+DNYBgxP4FWhY2
d9DTHAGCa9ZV0HjnGgPOILRmV69+9yQhNhu5010qNDcCggEABq1VP9S/Z0A+z1MT
i8SgvCyLUbm/h7JDC723fp34uBnoKg7JwN2PbNS+Sw+9BaMISTKy1nkOcAH4EQH1
0Vqha6m5uh0JR3ny+erGbxNkdFqPhHQjnKn8j6snHjVoPVQpno94ZQKlwWnVYX/S
LoAPQaJUtz+V/4xpzq1md6Kwib8SwVzBkU6u7mX8EKwiBwp2B1LcmWqphcQqc6XZ
24bIUlcaDu3Wlag+LNKiNCByV4CqZZdpn2hNGXzLJMebfTizajqwbppFTtr+xPi1
Fgr5WZNWfHm9RIU1PPFk7LxNisklau7RkSN6jyXpn6oC7s1I2KHyBZ0uWDwQPxUd
nndwSQKCAQA/gmrdWwZ6djtCLQmSaKws+TvypFYbBPldwNCaEsubW6Lhv/LRQl3r
xR1KlHdQyC757eS1VTuundW1LLTeYTFbhe3lHsRnM8ahfCQJOwcgvhBu2VgLy3Fd
fEZ2BCvhlC+UR4wBhjm1KR5dsz+Xx9IT6SI/7oZysYfYRNEf2q+n2sK0a4lGH2ar
5G16QQJBf6WAZsa7SfGcgqn7eMnCZytg456CzN6qEEYMz1z6kI+6450yzboFJ+i8
jr3n7Mtcas0NMW4cKf477AcNkB9UZVLT2YbCY3LNKSpgpKqNUuozdgW51/+D/HLb
r2vRXVHbJqUXOj2m7vQZgw34lwRXPtLBAoIBAChJgVltpcWKUWqltYXCQsdPPbb4
DQMb4bb2vV2iON2kl+UlcCdhr0f5yWoAyKjs49lcHBN2Ny4zVR0vIu/IDeX47Fx7
n0OfcFgcnqiqiFhXkWGcfU2JHq/q5tmk5M04aCgkFM8IyEsG6ZLoi849Km9r8quu
VfclpJ6SsMGnWo/A2eIVP9GsfqRys9ZWKJ9inZRP5Lmx6pCZa12Mn6ey0h/kxOqh
ruJQDdV0O4PsvZhTQFhahSVyNmSKnLguq3zsyBwKRsNI9TVXMv/hs0nnwfFgtBK1
K61c7AL4+9dtAWEnuwqy/1srZEeBr/jgTqyFyr+GQFYUMuE/uXNKCDWlIRI=
-----END RSA PRIVATE KEY-----
unit-files/backup-u@.service deleted 100644 → 0
View file @ c856454d
[Unit]
Description=Back up data from %i
[Service]
Type=oneshot
TimeoutStartSec=0
WorkingDirectory=/data/domains/%i/
EnvironmentFile=/etc/environment
ExecStartPre=/bin/bash -euxc ' \
/bin/docker run \
--rm \
--name clean-%i \
-v /root:/root \
indiepaas/duplicity \
remove-older-than 2W --force \
sftp://${BACKUP_DESTINATION}/%i'
ExecStartPre=/bin/bash -euxc '/data/domains/%i/BACKUP'
ExecStart=/bin/bash -euxc ' \
/bin/docker run \
--rm \
--name backup-%i \
-h backup.container \
--cpu-shares=40 \
-v /root:/root \
-v /data/domains/%i:/backup indiepaas/duplicity \
--full-if-older-than 1W \
--encrypt-key ${ENCRYPT_KEY} \
/backup \
sftp://${BACKUP_DESTINATION}/%i'
unit-files/backup-u@.timer deleted 100644 → 0
View file @ c856454d
[Unit]
Description=Hourly backup of www and mysql content.
# Dependency binding
BindsTo=universal@%i.service
[Timer]
OnActiveSec=20
OnUnitActiveSec=60min
AccuracySec=50min
unit-files/backup@.service deleted 100644 → 0
View file @ c856454d
[Unit]
Description=Back up data from %i
[Service]
Type=oneshot
TimeoutStartSec=0
EnvironmentFile=/etc/environment
ExecStartPre=/usr/bin/docker run --rm -v /opt/bin:/opt/bin ibuildthecloud/systemd-docker
ExecStartPre=-/usr/bin/docker kill mysqldump-%i
ExecStartPre=-/usr/bin/docker rm mysqldump-%i
ExecStartPre=-/usr/bin/docker rm clean-%i
ExecStartPre=-/usr/bin/docker rm backup-%i
ExecStartPre=/bin/bash -euxc ' \
/bin/docker run \
--rm \
--name clean-%i \
-v /root:/root \
indiepaas/duplicity \
remove-older-than 2W --force \
sftp://${BACKUP_DESTINATION}/%i'
ExecStartPre=/bin/bash -euxc '\
if [ -d /data/domains/%i/mysql ]; then \
echo "Backing up mysql databases for %i"; \
mysql_passwd=`cat /data/domains/%i/mysql/.env | cut -d= -f2`; \
/usr/bin/docker run \
--rm \
--name mysqldump-%i \
--link mysql-%i:db \
--env-file /data/domains/%i/mysql/.env \
indiepaas/mysql \
mysqldump \
--all-databases \
--events \
-uadmin \
-p$mysql_passwd \
-h db > /data/domains/%i/mysql/dump.sql; \
fi'
ExecStart=/bin/bash -euxc ' \
/bin/docker run \
--rm \
--name backup-%i \
--cpu-shares=40 \
-h backup.container \
-v /root:/root \
-v /data/domains/%i:/backup indiepaas/duplicity \
--full-if-older-than 1W \
--encrypt-key ${ENCRYPT_KEY} \
/backup \
sftp://${BACKUP_DESTINATION}/%i'
unit-files/backup@.timer deleted 100644 → 0
View file @ c856454d
[Unit]
Description=Hourly backup of www and mysql content.
# Dependency binding
BindsTo=web@%i.service
[Timer]
OnActiveSec=20
OnUnitActiveSec=60min
AccuracySec=50min
unit-files/confd.service deleted 100644 → 0
View file @ c856454d
[Unit]
Description=%p
# Requirements
Requires=docker.service
Requires=etcd.service
# Dependency ordering
After=docker.service
After=etcd.service
Before=haproxy.service
[Service]
Restart=always
RestartSec=20
TimeoutStartSec=0
ExecStartPre=-/usr/bin/docker kill %p
ExecStartPre=-/usr/bin/docker rm %p
ExecStart=/usr/bin/docker run \
--rm \
--name %p \
-v /data/runtime/haproxy/:/etc/haproxy/ \
-v /var/run/docker.sock:/var/run/docker.sock \
indiepaas/confd
ExecReload=/usr/bin/docker restart %p
ExecStop=/usr/bin/docker stop %p
[Install]
WantedBy=multi-user.target