Final install script release
parent
2cb16a7e81
commit
b26e36a96e
|
@ -17,9 +17,10 @@ InstallDependencies()
|
|||
wget https://selfprivacy.org/configuration.nix
|
||||
wget https://selfprivacy.org/mailserver.nix
|
||||
wget https://selfprivacy.org/goss.nix
|
||||
wget https://selfprivacy.org/goss.yaml
|
||||
wget https://selfprivacy.org/restic.nix
|
||||
wget https://selfprivacy.org/restic.yaml
|
||||
wget https://selfprivacy.org/s3cli
|
||||
chmod +x s3cli
|
||||
}
|
||||
CollectData()
|
||||
{
|
||||
|
@ -44,7 +45,6 @@ GenerateSSHKey()
|
|||
# Add SSH key to Hetzner
|
||||
AddSSHKey()
|
||||
{
|
||||
echo "Adding SSH keys to Hetzner..."
|
||||
curl -s \
|
||||
-X POST \
|
||||
-H "Authorization: Bearer $HETZNER_TOKEN" \
|
||||
|
@ -66,8 +66,12 @@ MakeConfig()
|
|||
sed -i '63s/.*/ email = "'"$USERNAME"'@'"$DOMAIN"'";/' mailserver.nix
|
||||
|
||||
# System Configuration
|
||||
sed -i "15s,.*,\t\"${sshKey}\"," configuration.nix
|
||||
sed -i "16s,.*,\t restic -r s3:s3.amazonaws.com/${AWS_BUCKET_NAME} backup /var/vmail /var/vmail ," restic.nix
|
||||
sed -i "16s,.*,\t\"${sshKey}\"," configuration.nix
|
||||
|
||||
# Restic
|
||||
sed -i '14s/.*/\t\tEnvironment = [ "AWS_ACCESS_KEY_ID='$AWS_TOKEN_ID'" "AWS_SECRET_ACCESS_KEY='$AWS_TOKEN'" ];/' restic.nix
|
||||
sed -i "17s,.*,\t restic -r s3:s3.amazonaws.com/${AWS_BUCKET_NAME} backup /var/vmail /var/vmail ," restic.nix
|
||||
|
||||
}
|
||||
|
||||
MakeServer()
|
||||
|
@ -98,16 +102,12 @@ CreateS3BucketRaw()
|
|||
|
||||
CreateS3Bucket()
|
||||
{
|
||||
mkdir ~/.aws
|
||||
touch ~/.aws/credentials
|
||||
echo "[default]" >> ~/.aws/credentials
|
||||
echo "aws_access_key_id=$AWS_TOKEN_ID" >> ~/.aws/credentials
|
||||
echo "aws_secret_access_key=$AWS_TOKEN" >> ~/.aws/credentials
|
||||
if [[ -z "$(./s3cli -e http://s3.us-east-2.amazonaws.com --ak "$AWS_TOKEN_ID" --sk "$AWS_TOKEN" --region us-east-2 bucket ls | grep backup)" ]]; then
|
||||
read "AWS S3 bucket found in your account. Do you want to restore backup from there? (y/n) " RESTORE_MAILBACKUP
|
||||
else
|
||||
export AWS_BUCKET_NAME=$(pwgen -1 --no-capitalize 6)-backup
|
||||
./s3cli -e http://s3.us-east-2.amazonaws.com --ak "$AWS_TOKEN_ID" --sk "$AWS_TOKEN" --region us-east-2 bucket create $AWS_BUCKET_NAME
|
||||
if test -z $(./s3cli -e http://s3.us-east-2.amazonaws.com --ak "$AWS_TOKEN_ID" --sk "$AWS_TOKEN" --region us-east-2 bucket ls | grep backup)
|
||||
then
|
||||
export AWS_BUCKET_NAME=$(pwgen -1 --no-capitalize 6)-backup
|
||||
./s3cli -e http://s3.us-east-2.amazonaws.com --ak "$AWS_TOKEN_ID" --sk "$AWS_TOKEN" --region us-east-2 bucket create $AWS_BUCKET_NAME
|
||||
else
|
||||
read -p "Restore from backup? y/n " RESTORE_MAILBACKUP
|
||||
fi
|
||||
}
|
||||
|
||||
|
@ -127,14 +127,14 @@ ApplyConfig()
|
|||
scp -i ~/.nix-ms/id_rsa mailserver.nix "root@$machineip:/root"
|
||||
scp -i ~/.nix-ms/id_rsa configuration.nix "root@$machineip:/root"
|
||||
scp -i ~/.nix-ms/id_rsa goss.nix "root@$machineip:/root"
|
||||
scp -i ~/.nix-ms/id_rsa restic.nix "root@$machineip:/root"
|
||||
scp -i ~/.nix-ms/id_rsa goss.yaml "root@$machineip:/root"
|
||||
ssh -i ~/.nix-ms/id_rsa "root@$machineip" cp /root/mailserver.nix /etc/nixos/mailserver.nix
|
||||
ssh -i ~/.nix-ms/id_rsa "root@$machineip" cp /root/configuration.nix /etc/nixos/configuration.nix
|
||||
ssh -i ~/.nix-ms/id_rsa "root@$machineip" cp /root/goss.nix /etc/nixos/goss.nix
|
||||
ssh -i ~/.nix-ms/id_rsa "root@$machineip" cp /root/restic.nix /etc/nixos/restic.nix
|
||||
sleep 3
|
||||
ssh -i ~/.nix-ms/id_rsa "root@$machineip" nixos-rebuild switch
|
||||
ssh -i ~/.nix-ms/id_rsa "root@$machineip" export AWS_ACCESS_KEY_ID=$AWS_TOKEN_ID
|
||||
ssh -i ~/.nix-ms/id_rsa "root@$machineip" export AWS_SECRET_ACCESS_KEY=$AWS_TOKEN
|
||||
}
|
||||
|
||||
RestoreBackup()
|
||||
|
@ -158,8 +158,13 @@ ClearTempFiles()
|
|||
rm $DOMAIN.selector.txt
|
||||
rm -rf ~/.nix-ms/
|
||||
rm ~/.ssh/known_hosts
|
||||
rm .healthz.json
|
||||
rm .hetzner_machines.json
|
||||
rm configuration.nix
|
||||
rm goss.nix
|
||||
rm goss.yaml
|
||||
rm mailserver.nix
|
||||
rm restic.nix
|
||||
rm s3cli
|
||||
exit 0
|
||||
}
|
||||
|
||||
# Cloudflare configuration
|
||||
|
@ -216,8 +221,8 @@ PostInstallation()
|
|||
{
|
||||
ssh -i ~/.nix-ms/id_rsa "root@$machineip" restic -r s3:s3.amazonaws.com/$AWS_BUCKET_NAME init
|
||||
ssh -i ~/.nix-ms/id_rsa "root@$machineip" restic -r s3:s3.amazonaws.com/$AWS_BUCKET_NAME forget --prune --keep-hourly 2 --keep-daily 7 --keep-weekly 4
|
||||
ssh -i ~/.nix-ms/id_rsa "root@$machineip" cp /root/result/bin/goss /root/
|
||||
ssh -i ~/.nix-ms/id_rsa "root@$machineip" /root/goss serve --format json &
|
||||
#ssh -i ~/.nix-ms/id_rsa "root@$machineip" cp /root/result/bin/goss /root/
|
||||
#ssh -i ~/.nix-ms/id_rsa "root@$machineip" /root/goss serve --format json &
|
||||
}
|
||||
|
||||
PerformTests()
|
||||
|
@ -254,7 +259,6 @@ then
|
|||
exit -1
|
||||
fi
|
||||
fi
|
||||
#RunPreFlightChecks
|
||||
InstallDependencies
|
||||
GenerateSSHKey
|
||||
printf "Importing SSH key into your Hetzner account..."
|
||||
|
@ -267,11 +271,12 @@ printf "Waiting for the server to create...\n"
|
|||
MakeServer
|
||||
sleep 30
|
||||
printf "Waiting for nixos-infect to replace system files(this may take some time)...\n"
|
||||
sleep 240
|
||||
sleep 280
|
||||
CreateS3Bucket
|
||||
GetMachineIP
|
||||
ApplyConfig
|
||||
if [$RESTORE_MAILBACKUP == "y"]; then
|
||||
if [ $RESTORE_MAILBACKUP == "y" ]
|
||||
then
|
||||
RestoreBackup
|
||||
fi
|
||||
GetDKIM
|
||||
|
@ -286,11 +291,6 @@ CreateSPFRecord
|
|||
CreateDKIMRecord
|
||||
printf "done\n"
|
||||
PostInstallation
|
||||
#PerformTests
|
||||
#while ! ping -c1 192.168.0.107 &>/dev/null
|
||||
# do echo "Ping Fail - `date`"
|
||||
#done
|
||||
#echo "Host Found - `date`"
|
||||
printf "Clearing temporary files..."
|
||||
ClearTempFiles
|
||||
printf "done\n"
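Review bot: The `# Restic` lines in the MakeConfig hunk write the AWS secret into restic.nix in clear text via `"AWS_SECRET_ACCESS_KEY='$AWS_TOKEN'"`, and ApplyConfig then copies that file to /etc/nixos; the +/- markers are lost on this page, so I am assuming this sed line is on the new side. Values placed in a NixOS service `Environment` list normally end up in the generated unit under the world-readable Nix store, so the key would be readable by any local account on the server, not only root. The same sed line also breaks whenever the key contains `/`, because `/` is the sed delimiter and `$AWS_TOKEN` is expanded outside the quotes. I would keep the credentials in a root-only file on the server (mode 0600) and have the unit reference it, e.g. `EnvironmentFile = "/root/restic.env";` (placeholder path), instead of patching them in with sed. The `--sk "$AWS_TOKEN"` arguments in the CreateS3Bucket hunk expose the same secret through the local process list and talk to an `http://` endpoint, where switching to `https://` would be the minimal change.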
|
||||
|
|