Skip to content
Hide whitespace changes
Inline Side-by-side
hotfixes/2015-04-26-upgrade-wordpress.sh deleted 100644 → 0
View file @ dbf163ca
docker pull indiepaas/wordpress
cd /data/domains
for domain in `ls .`
do
if cat $domain/.env|grep APPLICATION=wordpress
then
systemctl restart web@$domain
/opt/bin/docker-enter $domain wp --allow-root core update-db --path=/app
fi
done
install.linux.sh 0 → 100755
View file @ 408b8f91
#!/bin/bash
#This script is tested on Debian 12
#Current version of libre.sh to be installed
LIBRE_VERSION=1.2
# System env vars : can be overrided by a values.env file next to this install file
### CONFIG : Specify you template repo ROOT without training slash (Optional) or comment if you want to supply full url for apps
APP_REPO_URL="lab.libreho.st/libre.sh/compose"
## domain handling
### CONFIG : change to your domain vendor ( namecheap, ovh , scaleway, )
DOMAIN_SERVER=namecheap
### Namecheap specific
NAMECHEAP_URL="namecheap.com"
NAMECHEAP_API_USER="pierreo"
NAMECHEAP_API_KEY=
### ovh specific (WIP)
OVH_URL="eu.api.ovh.com"
OVH_API_USER=""
OVH_API_KEY=
### Scaleway specific (WIP)
SCALEWAY_URL=""
SCALEWAY_API_USER=""
SCALEWAY_API_KEY=
### TODO : change your settings
IP="curl -s http://icanhazip.com/"
FirstName="Pierre"
LastName="Ozoux"
Address=""
PostalCode=""
Country="Portugal"
Phone="+351.967184553"
EmailAddress="pierre@ozoux.net"
City="Lisbon"
CountryCode="PT"
## Backup
BACKUP_DESTINATION=root@xxxxx:port
### CONFIG : Change your mail settings.
## SMTP
MAIL_USER=
MAIL_PASS=
MAIL_HOST=mail.indie.host
MAIL_PORT=587
MAIL_SECURITY=
# Default admin emails for apps
ADMIN_EMAIL=support@ekimia.fr
### TODO : source a setting file is present to override defaults
echo "-------- Welcome to libre.sh $LIBRE_VERSION installer"
echo "---- sourcing local values.env file if present"
source values.env
# STEP add kernel parameter
# STEP Define environnement
echo "-------- setting up system variables"
echo "APP_REPO_URL=${APP_REPO_URL}" >> /etc/environment
echo "LIBRE_VERSION=${LIBRE_VERSION}" >> /etc/environment
echo "MAIL_USER=${MAIL_USER}" >> /etc/environment
echo "MAIL_PASS=${MAIL_PASS}" >> /etc/environment
echo "MAIL_HOST=${MAIL_HOST}" >> /etc/environment
echo "MAIL_PORT=${MAIL_PORT}" >> /etc/environment
echo "MAIL_SECURITY=${MAIL_SECURITY}" >> /etc/environment
echo "ADMIN_EMAIL=${ADMIN_EMAIL}" >> /etc/environment
# STEP Install Docker
name="docker.io"
# TODO : Fix a version for docker ?
dpkg -s $name &> /dev/null
if [ $? -ne 0 ]
then
echo "$name not installed"
apt-get update
# curl -fsSL https://get.docker.com -o get-docker.sh
# sh get-docker.sh
apt install -y $name
echo "-------- Native docker installed "
else
echo "$name already installed"
fi
# STEP "install docker-compose"
echo "-------- Install native docker-compose "
# TODO : Fix a version for docker compose ?
#mkdir -p /opt/bin &&\
#dockerComposeVersion=$(curl -s https://api.github.com/repos/docker/compose/releases/latest|grep tag_name|cut -d'"' -f4) &&\
#curl -L https://github.com/docker/compose/releases/download/$dockerComposeVersion/docker-compose-`uname -s`-`uname -m` > /opt/bin/#docker-compose &&\
#chmod +x /opt/bin/docker-compose
apt install -y docker-compose
# STEP "install git"
echo "-------- Install git"
distro=$( ( lsb_release -ds || cat /etc/*release || uname -om ) 2>/dev/null | head -n1 | cut -d " " -f1)
if [[ "$distro" == "Ubuntu" || "$distro" == "Debian" ]]; then
apt-get install -y git
elif [[ "$distro" == "CentOS" || "$distro" == "AlmaLinux" || "$distro" == "Rocky" || "$distro" == "Fedora" ]]; then
yum install -y git
elif [[ "$distro" == "openSUSE" ]]; then
zypper install git
elif [[ "$distro" == "Arch" ]]; then
pacman -S git
elif [[ "$distro" == "Mageia" ]]; then
urpmi git
fi
# STEP install Libre.sh
echo " ---Removing previous install --- "
rm -rf /libre.sh
echo "-------- installing libre.sh"
git clone https://lab.libreho.st/libre.sh/compose.libre.sh.git /libre.sh
mkdir -p /{data,system}
mkdir -p /data/trash
mkdir -p /data/domains
cp /libre.sh/unit-files/* /etc/systemd/system && systemctl daemon-reload
systemctl enable web-net.service
systemctl start web-net.service
mkdir -p /opt/bin
cp /libre.sh/utils/* /opt/bin/
# STEP add /opt/bin path
echo "-------- updating PATH"
cat > /etc/profile.d/libre.sh <<EOF
export PATH=$PATH:/opt/bin
EOF
chmod 644 /etc/profile.d/libre.sh
bash /etc/profile.d/libre.sh
#TODO : reload profile to use libre right away
migrations/update-oo.sh 0 → 100644
View file @ 408b8f91
#!/bin/bash -eux
# Verify they are all in sync with git, if not, print the domain name.
for oo in `ls -d ./oo-*`;do
cd $oo
if ! git diff --exit-code --quiet; then
echo $oo
fi
cd ..
done
# Update all oo
for oo in `ls -d ./oo-*`;do
cd $oo
libre update
cd ..
done
scripts/create_vultr.sh deleted 100755 → 0
View file @ dbf163ca
#!/bin/bash
function valid_ip()
{
local ip=$1
local stat=1
if [[ $ip =~ ^[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}$ ]]; then
OIFS=$IFS
IFS='.'
ip=($ip)
IFS=$OIFS
[[ ${ip[0]} -le 255 && ${ip[1]} -le 255 \
&& ${ip[2]} -le 255 && ${ip[3]} -le 255 ]]
stat=$?
fi
return $stat
}
LABEL=$1
echo Label: $LABEL
echo API key: $VULTR_API_KEY
VPSPLANID=${2:-29}
SSHKEYID=`curl -s https://api.vultr.com/v1/sshkey/list\?api_key\=$VULTR_API_KEY | cut -d\" -f2`
echo Got your ssh key ID $SSHKEYID:
SUBID=`curl -s -d "DCID=9&VPSPLANID=$VPSPLANID&OSID=179&label=$LABEL&SSHKEYID=$SSHKEYID" https://api.vultr.com/v1/server/create\?api_key\=$VULTR_API_KEY | cut -d\" -f4`
echo Got your SUB ID $SUBID:
while :
do
IP=`curl -s https://api.vultr.com/v1/server/list_ipv4\?api_key\=$VULTR_API_KEY\&SUBID\=$SUBID | cut -d\" -f6`
if valid_ip $IP; then
break
else
echo "waiting to get an IP..."
sleep 5
fi
done
echo Writing $LABEL to /etc/hosts file, needs your root password:
sudo -- sh -c "echo $IP $LABEL \#$SUBID >> /etc/hosts"
while :
do
ssh -o "StrictHostKeyChecking no" -o "BatchMode yes" root@$LABEL exit
if [ $? == 0 ];
then
break
else
echo "waiting to be able to ssh..."
sleep 5
fi
done
scripts/destroy_vultr.sh deleted 100755 → 0
View file @ dbf163ca
#!/bin/bash -eux
LABEL=$1
SUBID=`cat /etc/hosts | grep $LABEL | cut -d# -f2`
echo Writing $LABEL to /etc/hosts file, needs your root password:
sudo sed -i "/$LABEL/ d" /etc/hosts
curl -d SUBID=$SUBID https://api.vultr.com/v1/server/destroy\?api_key\=$VULTR_API_KEY
scripts/install.sh deleted 100755 → 0
View file @ dbf163ca
#!/bin/bash -eux
/usr/bin/coreos-cloudinit --from-file=/var/lib/coreos-user_data
docker pull indiepaas/rsyslog
docker pull indiepaas/haproxy
docker pull indiepaas/confd
docker pull indiepaas/postfix
docker pull indiepaas/dovecot
docker pull indiepaas/nginx
docker pull indiepaas/mysql
docker pull indiepaas/wordpress
docker pull indiepaas/known
docker pull indiepaas/piwik
docker pull indiepaas/owncloud
docker pull indiepaas/duplicity
docker pull ibuildthecloud/systemd-docker
# Create Directory structure
mkdir -p /data/domains
mkdir -p /data/runtime/haproxy/approved-certs
git clone https://github.com/indiepaas/IndiePaaS.git /data/indiehosters
# Install unit-files
cp /data/indiehosters/unit-files/* /etc/systemd/system && systemctl daemon-reload
# Configure and start HAproxy
cp /data/indiehosters/tests/unsecure-certs/indiehosters.dev.pem /data/runtime/haproxy/approved-certs/default.pem
systemctl enable rsyslog
systemctl start rsyslog
systemctl enable confd
systemctl start confd
systemctl enable haproxy.path
systemctl start haproxy.path
source /etc/environment
# Put the backup server in known_hosts files using RSA algo
# https://github.com/paramiko/paramiko/issues/243
ssh -o "StrictHostKeyChecking no" -o "BatchMode yes" -o "HostKeyAlgorithms=ssh-rsa" $BACKUP_DESTINATION exit
# Import backup encryption key
gpg --import /root/key.pub
TRUSTVAR=`gpg --fingerprint root | grep Key|cut -d= -f2|sed 's/ //g'`
TRUST_VALUE=':6:'
echo $TRUSTVAR$TRUST_VALUE | gpg --import-ownertrust
docker run --rm -v /opt/bin:/target jpetazzo/nsenter
curl -L https://github.com/docker/compose/releases/download/1.2.0/docker-compose-`uname -s`-`uname -m` > /opt/bin/docker-compose
chmod +x /opt/bin/docker-compose
update_engine_client -update
scripts/start.sh deleted 100755 → 0
View file @ dbf163ca
#!/bin/bash -eux
ROOT_DIR=$( cd "$( dirname "${BASH_SOURCE[0]}" )" && pwd )/..
# check if there are already running servers
if [ "$(cat /etc/hosts | grep -q '.test' ; echo $?)" -eq 0 ]; then
echo "It looks like some servers are still running."
echo "please run ./script.stop.sh first if you want to create new servers."
exit 1
fi
# Create backup for tests
$ROOT_DIR/scripts/create_vultr.sh backup.test
scp $ROOT_DIR/configs/backup.config root@backup.test:/var/lib/coreos-user_data
ssh root@backup.test /usr/bin/coreos-cloudinit --from-file=/var/lib/coreos-user_data
BACKUP_IP=`cat /etc/hosts | grep backup.test | cut -d" " -f1`
# Create server for tests
$ROOT_DIR/scripts/create_vultr.sh server.test 30
cat $ROOT_DIR/configs/server.config | sed s/##BACKUP_IP##/$BACKUP_IP/g > /tmp/server.config
scp /tmp/server.config root@server.test:/var/lib/coreos-user_data
scp $ROOT_DIR/scripts/install.sh root@server.test:/tmp/install.sh
ssh root@server.test /tmp/install.sh
IP=`cat /etc/hosts | grep server.test | cut -d" " -f1`
# Adds ip to /etc/hosts file
echo "We'll now modify your /etc/hosts to add the test application name"
applications=( `cat $ROOT_DIR/SUPPORTED_APPLICATIONS` )
for application in "${applications[@]}"
do
echo Writing $application.test to /etc/hosts file, needs your root password:
sudo -- sh -c "echo $IP $application.test >> /etc/hosts"
done
# cleaning
rm /tmp/server.config
scripts/stop.sh deleted 100755 → 0
View file @ dbf163ca
#!/bin/bash -eux
ROOT_DIR=$( cd "$( dirname "${BASH_SOURCE[0]}" )" && pwd )/..
$ROOT_DIR/scripts/destroy_vultr.sh backup.test
ssh-keygen -f ~/.ssh/known_hosts -R backup.test
$ROOT_DIR/scripts/destroy_vultr.sh server.test
ssh-keygen -f ~/.ssh/known_hosts -R server.test
applications=( `cat $ROOT_DIR/SUPPORTED_APPLICATIONS` )
for application in "${applications[@]}"
do
sudo sed -i "/$application.test/ d" /etc/hosts
done
tests/clean.sh deleted 100755 → 0
View file @ dbf163ca
#!/bin/bash -eux
source /etc/environment
image=$1
systemctl stop web@$image.test
sleep 20
systemctl list-units | grep -c "$image\.test" | grep 0
rm -rf /data/runtime/domains/$image.test
rm -rf /data/domains/$image.test
ssh $BACKUP_DESTINATION "rm -rf $image.test"
tests/email.sh deleted 100755 → 0
View file @ dbf163ca
#!/bin/bash -eux
mkdir -p /data/domains/mail/dovecot
mkdir -p /data/domains/mail/TLS/
mkdir -p /data/domains/mail/static/www-content
mkdir -p /data/runtime/domains/mail/mysql/db_files
mkdir -p /data/domains/mail/mysql
mkdir /data/domains/mail/nginx
touch /data/domains/mail/nginx/.env
pass=`echo $RANDOM ${date} | md5sum | base64 | cut -c-10`
echo MYSQL_PASS=$pass > /data/domains/mail/mysql/.env
cat /data/domains/mail/mysql/.env | sed s/MYSQL_PASS/DB_PASS/ > /data/domains/mail/.env;
echo HOSTNAME=pierre-o.fr >> /data/domains/mail/.env
echo APPLICATION=nginx >> /data/domains/mail/.env
echo DOCKER_ARGUMENTS="-v /data/domains/mail/static/www-content:/app" >> /data/domains/mail.env
openssl genrsa -out /data/domains/mail/TLS/ssl_private_key.pem 2048
openssl req -new -key /data/domains/mail/TLS/ssl_private_key.pem -out /data/domains/mail/TLS/ssl_cert_sign_req.csr \
-sha256 -subj "/C=PT/ST=/L=/O=/CN=dovecot.test"
openssl x509 -req -days 365 \
-in /data/domains/mail/TLS/ssl_cert_sign_req.csr -signkey /data/domains/mail/TLS/ssl_private_key.pem -out /data/domains/mail/TLS/ssl_certificate.pem
openssl dhparam -out /data/domains/mail/TLS/dh2048.pem 2048
cat /data/domains/mail/TLS/ssl_certificate.pem /data/domains/mail/TLS/ssl_private_key.pem > /data/domains/mail/TLS/mail.pem
systemctl enable dovecot
systemctl enable postfix
systemctl start dovecot
systemctl start postfix
tests/finish.sh deleted 100755 → 0
View file @ dbf163ca
#!/bin/bash -eux
ROOT_DIR=$( cd "$( dirname "${BASH_SOURCE[0]}" )" && pwd )/..
systemctl list-units | grep -c failed | grep 0
applications=( `cat $ROOT_DIR/SUPPORTED_APPLICATIONS` )
for application in "${applications[@]}"
do
curl -Lk $application.test
/data/indiehosters/tests/clean.sh $application
done
tests/force-clean.sh deleted 100755 → 0
View file @ dbf163ca
#!/bin/bash -eux
source /etc/environment
image=$1
systemctl stop web@$image.test
if [ "$image" == "static" ]; then
systemctl disable $image@$image.test
else
systemctl disable lamp@$image.test
fi
systemctl stop *@$image.test.timer
systemctl stop *@$image.test
systemctl reset-failed
rm -rf /data/runtime/domains/$image.test
rm -rf /data/domains/$image.test
ssh $BACKUP_DESTINATION "rm -rf $image.test"
systemctl list-units | grep "$image\.test"
tests/start.sh deleted 100755 → 0
View file @ dbf163ca
#!/bin/bash -eux
ROOT_DIR=$( cd "$( dirname "${BASH_SOURCE[0]}" )" && pwd )/..
applications=( `cat $ROOT_DIR/SUPPORTED_APPLICATIONS` )
for application in "${applications[@]}"
do
/data/indiehosters/tests/test.sh $application
done
tests/test.sh deleted 100755 → 0
View file @ dbf163ca
#!/bin/bash -eux
image=$1
# prepare data
/data/indiehosters/utils/provision.sh -s -e test@test.org -a $image -u $image.test -f /data/indiehosters/tests/unsecure-certs/indiehosters.dev.pem
if [ "$image" == "static" ]; then
sleep 30
else
sleep 70
fi
systemctl list-units | grep "$image\.test" | grep -c failed | grep 0
curl -Lk $image.test
tests/unsecure-certs/indiehosters.dev.pem deleted 100644 → 0
View file @ dbf163ca
-----BEGIN CERTIFICATE-----
MIIFljCCA34CCQDXgLjASWHpmDANBgkqhkiG9w0BAQUFADCBjDELMAkGA1UEBhMC
UFQxETAPBgNVBAgTCFBvcnR1Z2FsMQ8wDQYDVQQHEwZMaXNib24xFTATBgNVBAoT
DEluZGllSG9zdGVyczEZMBcGA1UEAxMQaW5kaWVob3N0ZXJzLmRldjEnMCUGCSqG
SIb3DQEJARYYY29udGFjdEBpbmRpZWhvc3RlcnMubmV0MB4XDTE0MTAxMDE0MzY1
NVoXDTE1MTAxMDE0MzY1NVowgYwxCzAJBgNVBAYTAlBUMREwDwYDVQQIEwhQb3J0
dWdhbDEPMA0GA1UEBxMGTGlzYm9uMRUwEwYDVQQKEwxJbmRpZUhvc3RlcnMxGTAX
BgNVBAMTEGluZGllaG9zdGVycy5kZXYxJzAlBgkqhkiG9w0BCQEWGGNvbnRhY3RA
aW5kaWVob3N0ZXJzLm5ldDCCAiIwDQYJKoZIhvcNAQEBBQADggIPADCCAgoCggIB
AKBOylYEoL1P3q7skTJsRA8yQj6fVHWHS3kPg6tcVavZawc6tRxIiDc41/EWjL7i
Owb6io2UbKaD/g8695CFER9FvcW1iukrC/tUV5/AVd0SDcvS3RnGUndKh82HCNrM
rUDU/XH8smEpfjuXrq0YPuiGbY1zSLQKirjYTiasJODfGkxSbobNfjdL7aEo+3HX
BQq5mGIj9A4PYmeyFGkHCN8tRvf4lY1KfPJoWtDL4kmO4SFNZ4FAehH9AJ6vTN8y
MFcHtFzpp2636TYTBQsLu48nrKs6MqOOyU0R/Ufw9QjiWDLo3Co6pcCTmVf16skO
odg9BNdEhMXefpiEE1NOL6ZOkSUG5WSY0Q5Il649QcJOYzw2A0Nk3IOxoIexXat4
siCgSlNfgyRmBn5HNcZo5aEDf9+3gEqFzEFSyH3ClIApC7RePbpPvsCAgpagBOXC
PgO2w2VW9HfNHkwpF3Yqn7cqw0FQKwKREufVdnSvs9fgFlMZnqA3sMym8o99Fcvq
WBaTuh54ePfNGmawPt1N8vUZUYXXOasWKmnjfan3S1rsNAf5M2ntLqEJRDwihdSm
ZSO+B51hDO5jzHoqxHwA71CwUAp4hRO83xR6ziB1KR2834I/7LBzbpZ0EWm9adez
8V+dwgBhTt0LYEUGLJN22XRi9d4RPhnRJpSLPV/h0Fa/AgMBAAEwDQYJKoZIhvcN
AQEFBQADggIBAFzYeGiomhKZW//aUM4V4RLMVIf0B4uixSMxZGQIUWVtYckmyG2N
t8qNBHAQ3gl811NqnqestIQ4DpGkNQRCv/iDa5OwdLJHTOQUxajUE/1xmidHtpzR
ReBZvW48k0dLEM2gmIrt7qQwqqecjlWjvSQlvJxYWrn6TBAkFL6Quu8gfoPK9/cE
HG/aRQ0PCywGV20LSZ+J03LN7MlACClgVTB7dJuWIN0dNi7TsqpIupk11ZQ3ybBY
WPQmLnIiCAijL69kBmBynLvJT5XDy2C4ChyzZ5Y73CXhgJwCqOZJwbO7Doig9PZQ
yVLtui18W3uVQ7ZlIxCAQUeFzSkZf3/XNlr2FkP+efw4LLGH8kiKMsyKuoLuthO1
1YrXvI0sjuDOxQwrlNQ2CLVANLBpUMH2U1aiYbA6iICSHr8ORAc84StgG9mFLeyN
w32/04MGPvZfset8gRCOuvA2sLTjylqh0IpaPWlnT77neqOFtETtzJ+3UuOcdfnN
t2bxqimHT8WhBB823WajWlLdXcc902e9LLhe9M1/bwOqFIIlKDqtCndjyXpe/qhA
s0YB8TqJLxJQqvdnmYiBFfGrDTgNBpjt6AKJHRGd4xgsYsmQ3zLJ0Z8mNNQhlLf/
osGXa2s/ZX7ernfvSDQIOB70gohCLFtBok0unyBJhtHxXmZ7UmpuIanx
-----END CERTIFICATE-----
-----BEGIN RSA PRIVATE KEY-----
MIIJKAIBAAKCAgEAoE7KVgSgvU/eruyRMmxEDzJCPp9UdYdLeQ+Dq1xVq9lrBzq1
HEiINzjX8RaMvuI7BvqKjZRspoP+Dzr3kIURH0W9xbWK6SsL+1RXn8BV3RINy9Ld
GcZSd0qHzYcI2sytQNT9cfyyYSl+O5eurRg+6IZtjXNItAqKuNhOJqwk4N8aTFJu
hs1+N0vtoSj7cdcFCrmYYiP0Dg9iZ7IUaQcI3y1G9/iVjUp88mha0MviSY7hIU1n
gUB6Ef0Anq9M3zIwVwe0XOmnbrfpNhMFCwu7jyesqzoyo47JTRH9R/D1COJYMujc
KjqlwJOZV/XqyQ6h2D0E10SExd5+mIQTU04vpk6RJQblZJjRDkiXrj1Bwk5jPDYD
Q2Tcg7Ggh7Fdq3iyIKBKU1+DJGYGfkc1xmjloQN/37eASoXMQVLIfcKUgCkLtF49
uk++wICClqAE5cI+A7bDZVb0d80eTCkXdiqftyrDQVArApES59V2dK+z1+AWUxme
oDewzKbyj30Vy+pYFpO6Hnh4980aZrA+3U3y9RlRhdc5qxYqaeN9qfdLWuw0B/kz
ae0uoQlEPCKF1KZlI74HnWEM7mPMeirEfADvULBQCniFE7zfFHrOIHUpHbzfgj/s
sHNulnQRab1p17PxX53CAGFO3QtgRQYsk3bZdGL13hE+GdEmlIs9X+HQVr8CAwEA
AQKCAgEAgDpF8sRE5ukqUHV+Nv0O+7DR+FFuN4x/PFjCk6GKDaodyGyXTgZenv1j
Db9h2ZYQbSafCVy+A/v0jq42NG2cIo2gnLL4aEY8kU8HwAsTI4A7dNw4a1ONx0ng
ku/+jzXFJ+S2ziS5cqrEBFryKBcKyugsXUbn0svT5sNuz9RGs3ECEialrkJVQVoE
vDKR3p+Fsux+DZKAt3Zq2lNBrDkqSYpoCBXZWmlIxIXgjr9nRDt7rS3DK0ot2pGr
m0LRlH8K17Kb/O4RNaj6bHyOPiWmY33yygwFUXr3XiSTmqYM+oxCzIYjBcxfpUjr
EcbthOGlZ9h3NNHj+npcfRa4dpxF09c8gW2AVG+nXVhciZpcnLDZ5z/Nd/510axU
0m0PlCPfh+3L5tiia9k7zlRxjyzER/GofNiJ6v8oo8YZFvhVdbBBQoGs8aadSLH9
5Kf3fPwm8ZhmmOTVWbFJZul/3o0Ho3yFxMVMq86Qu8Pm+h6Q1Pn7yZsXMg/ECXP/
/ErBaWA+zuBZkgCSbdZk58cxkN45PGWGkoHHACVUvCbG8IuYQ989JeCy5w01FgFV
IXm4squNtWgyhLZgvkhl2Hnc4pR+iYJRgh+ouyv7nELQde7hpM6YJLLUpMfjo7r5
lJyWasZtb9E4iEl4/JrdQYMJCDEyBfDN6sTKr1Ai2txjzQA4uOECggEBAM9LDpJ+
RR+b1rdYgtS6VL5OR1bWUHSi1W9L8Xz20wSQGbRxfEJfWmSslOU0COXvA01eOxQ9
OvHcWxISiHdiM3QxpYNtbsgATCQbsSgegMHpbaEgJPadEkUWxdWejbtpA1ypKmGg
iFB5H5IIcz65wWNFC3g29wrXyBsRevi+K/PTbwOzOlad7AAcbuuHiv73wxi5xo1P
i6IZfjgQMKzD9AJbACAAqyvg70XT+3vlIo5ABKOw1kLuejbNBaXd1af7OfVXReL7
BGGJmG6IzI0qP9q7fX3Iq4Gx34Sf0TSomSyW4kxtsDMPXVURMU4ssxeshh0zYFsZ
GQgsr36mOW5cvbkCggEBAMX5gJTrAW47GgObnQWtYIHRvYO0g7Ge1fN12VzHLiap
3a3RfhEDTVKkiugO1GxRC1NY0tcDUwrUzS/00ovDZ/8dVqMHITFj6zfA8aX6vnzA
TnoUWINawPxFBB6FrEuXyGIVbykinuvFyk+z/DzgKzL8X5MaLymYSV+eT+9jjLHO
pJ37S86evkljq24Ow6KB1rKb8mMsk8GDZB4JalDdGWzlG1qJkHMg7ULkEHx2lDTW
mcuHwRtMimFPCBGqH0i+p3O1IUkodJPNYbldrEfAkzRdD4lH9B+DNYBgxP4FWhY2
d9DTHAGCa9ZV0HjnGgPOILRmV69+9yQhNhu5010qNDcCggEABq1VP9S/Z0A+z1MT
i8SgvCyLUbm/h7JDC723fp34uBnoKg7JwN2PbNS+Sw+9BaMISTKy1nkOcAH4EQH1
0Vqha6m5uh0JR3ny+erGbxNkdFqPhHQjnKn8j6snHjVoPVQpno94ZQKlwWnVYX/S
LoAPQaJUtz+V/4xpzq1md6Kwib8SwVzBkU6u7mX8EKwiBwp2B1LcmWqphcQqc6XZ
24bIUlcaDu3Wlag+LNKiNCByV4CqZZdpn2hNGXzLJMebfTizajqwbppFTtr+xPi1
Fgr5WZNWfHm9RIU1PPFk7LxNisklau7RkSN6jyXpn6oC7s1I2KHyBZ0uWDwQPxUd
nndwSQKCAQA/gmrdWwZ6djtCLQmSaKws+TvypFYbBPldwNCaEsubW6Lhv/LRQl3r
xR1KlHdQyC757eS1VTuundW1LLTeYTFbhe3lHsRnM8ahfCQJOwcgvhBu2VgLy3Fd
fEZ2BCvhlC+UR4wBhjm1KR5dsz+Xx9IT6SI/7oZysYfYRNEf2q+n2sK0a4lGH2ar
5G16QQJBf6WAZsa7SfGcgqn7eMnCZytg456CzN6qEEYMz1z6kI+6450yzboFJ+i8
jr3n7Mtcas0NMW4cKf477AcNkB9UZVLT2YbCY3LNKSpgpKqNUuozdgW51/+D/HLb
r2vRXVHbJqUXOj2m7vQZgw34lwRXPtLBAoIBAChJgVltpcWKUWqltYXCQsdPPbb4
DQMb4bb2vV2iON2kl+UlcCdhr0f5yWoAyKjs49lcHBN2Ny4zVR0vIu/IDeX47Fx7
n0OfcFgcnqiqiFhXkWGcfU2JHq/q5tmk5M04aCgkFM8IyEsG6ZLoi849Km9r8quu
VfclpJ6SsMGnWo/A2eIVP9GsfqRys9ZWKJ9inZRP5Lmx6pCZa12Mn6ey0h/kxOqh
ruJQDdV0O4PsvZhTQFhahSVyNmSKnLguq3zsyBwKRsNI9TVXMv/hs0nnwfFgtBK1
K61c7AL4+9dtAWEnuwqy/1srZEeBr/jgTqyFyr+GQFYUMuE/uXNKCDWlIRI=
-----END RSA PRIVATE KEY-----
unit-files/backup-u@.service deleted 100644 → 0
View file @ dbf163ca
[Unit]
Description=Back up data from %i
[Service]
Type=oneshot
TimeoutStartSec=0
WorkingDirectory=/data/domains/%i/
EnvironmentFile=/etc/environment
ExecStartPre=/bin/bash -euxc ' \
/bin/docker run \
--rm \
--name clean-%i \
-v /root:/root \
indiepaas/duplicity \
remove-older-than 4W --force \
sftp://${BACKUP_DESTINATION}/%i'
ExecStartPre=/bin/bash -euxc '/data/domains/%i/BACKUP'
ExecStart=/bin/bash -euxc ' \
/bin/docker run \
--rm \
--name backup-%i \
-h backup.container \
--cpu-shares=100 \
-v /root:/root \
-v /data/domains/%i:/backup indiepaas/duplicity \
--full-if-older-than 1W \
--encrypt-key ${ENCRYPT_KEY} \
/backup \
sftp://${BACKUP_DESTINATION}/%i'
unit-files/backup-u@.timer deleted 100644 → 0
View file @ dbf163ca
[Unit]
Description=Hourly backup of www and mysql content.
# Dependency binding
BindsTo=universal@%i.service
[Timer]
OnActiveSec=20
OnUnitActiveSec=60min
AccuracySec=50min
unit-files/backup@.service deleted 100644 → 0
View file @ dbf163ca
[Unit]
Description=Back up data from %i
[Service]
Type=oneshot
TimeoutStartSec=0
EnvironmentFile=/etc/environment
ExecStartPre=/usr/bin/docker run --rm -v /opt/bin:/opt/bin ibuildthecloud/systemd-docker
ExecStartPre=-/usr/bin/docker kill mysqldump-%i
ExecStartPre=-/usr/bin/docker rm mysqldump-%i
ExecStartPre=/bin/bash -euxc ' \
/bin/docker run \
--rm \
--name clean-%i \
-v /root:/root \
indiepaas/duplicity \
remove-older-than 4W --force \
sftp://${BACKUP_DESTINATION}/%i'
ExecStartPre=/bin/bash -euxc '\
if [ -d /data/domains/%i/mysql ]; then \
echo "Backing up mysql databases for %i"; \
mysql_passwd=`cat /data/domains/%i/mysql/.env | cut -d= -f2`; \
/usr/bin/docker run \
--rm \
--name mysqldump-%i \
--link mysql-%i:db \
--env-file /data/domains/%i/mysql/.env \
indiepaas/mysql \
mysqldump \
--all-databases \
--events \
-uadmin \
-p$mysql_passwd \
-h db > /data/domains/%i/mysql/dump.sql; \
fi'
ExecStart=/bin/bash -euxc ' \
/bin/docker run \
--rm \
--name backup-%i \
--cpu-shares=100 \
-h backup.container \
-v /root:/root \
-v /data/domains/%i:/backup indiepaas/duplicity \
--full-if-older-than 1W \
--encrypt-key ${ENCRYPT_KEY} \
/backup \
sftp://${BACKUP_DESTINATION}/%i'
unit-files/backup@.timer deleted 100644 → 0
View file @ dbf163ca
[Unit]
Description=Hourly backup of www and mysql content.
# Dependency binding
BindsTo=web@%i.service
[Timer]
OnActiveSec=20
OnUnitActiveSec=60min
AccuracySec=50min
unit-files/confd.service deleted 100644 → 0
View file @ dbf163ca
[Unit]
Description=%p
# Requirements
Requires=docker.service
Requires=etcd.service
# Dependency ordering
After=docker.service
After=etcd.service
Before=haproxy.service
[Service]
Restart=always
RestartSec=20
TimeoutStartSec=0
ExecStartPre=-/usr/bin/docker kill %p
ExecStartPre=-/usr/bin/docker rm %p
ExecStart=/usr/bin/docker run \
--rm \
--name %p \
-v /data/runtime/haproxy/:/etc/haproxy/ \
-v /var/run/docker.sock:/var/run/docker.sock \
indiepaas/confd
ExecReload=/usr/bin/docker restart %p
ExecStop=/usr/bin/docker stop %p
[Install]
WantedBy=multi-user.target