Final install script release

master
Illia Chub 2020-09-03 17:54:31 +03:00
parent 2cb16a7e81
commit b26e36a96e
1 changed files with 28 additions and 28 deletions


@ -17,9 +17,10 @@ InstallDependencies()
wget https://selfprivacy.org/configuration.nix
wget https://selfprivacy.org/mailserver.nix
wget https://selfprivacy.org/goss.nix
wget https://selfprivacy.org/goss.yaml
wget https://selfprivacy.org/restic.nix
wget https://selfprivacy.org/restic.yaml
wget https://selfprivacy.org/s3cli
chmod +x s3cli
}
CollectData()
{
@ -44,7 +45,6 @@ GenerateSSHKey()
# Add SSH key to Hetzner
AddSSHKey()
{
echo "Adding SSH keys to Hetzner..."
curl -s \
-X POST \
-H "Authorization: Bearer $HETZNER_TOKEN" \
@ -66,8 +66,12 @@ MakeConfig()
sed -i '63s/.*/ email = "'"$USERNAME"'@'"$DOMAIN"'";/' mailserver.nix
# System Configuration
sed -i "15s,.*,\t\"${sshKey}\"," configuration.nix
sed -i "16s,.*,\t restic -r s3:s3.amazonaws.com/${AWS_BUCKET_NAME} backup /var/vmail /var/vmail ," restic.nix
sed -i "16s,.*,\t\"${sshKey}\"," configuration.nix
# Restic
sed -i '14s/.*/\t\tEnvironment = [ "AWS_ACCESS_KEY_ID='$AWS_TOKEN_ID'" "AWS_SECRET_ACCESS_KEY='$AWS_TOKEN'" ];/' restic.nix
sed -i "17s,.*,\t restic -r s3:s3.amazonaws.com/${AWS_BUCKET_NAME} backup /var/vmail /var/vmail ," restic.nix
}
MakeServer()
@ -98,16 +102,12 @@ CreateS3BucketRaw()
CreateS3Bucket()
{
mkdir ~/.aws
touch ~/.aws/credentials
echo "[default]" >> ~/.aws/credentials
echo "aws_access_key_id=$AWS_TOKEN_ID" >> ~/.aws/credentials
echo "aws_secret_access_key=$AWS_TOKEN" >> ~/.aws/credentials
if [[ -z "$(./s3cli -e http://s3.us-east-2.amazonaws.com --ak "$AWS_TOKEN_ID" --sk "$AWS_TOKEN" --region us-east-2 bucket ls | grep backup)" ]]; then
read "AWS S3 bucket found in your account. Do you want to restore backup from there? (y/n) " RESTORE_MAILBACKUP
else
export AWS_BUCKET_NAME=$(pwgen -1 --no-capitalize 6)-backup
./s3cli -e http://s3.us-east-2.amazonaws.com --ak "$AWS_TOKEN_ID" --sk "$AWS_TOKEN" --region us-east-2 bucket create $AWS_BUCKET_NAME
if test -z $(./s3cli -e http://s3.us-east-2.amazonaws.com --ak "$AWS_TOKEN_ID" --sk "$AWS_TOKEN" --region us-east-2 bucket ls | grep backup)
then
export AWS_BUCKET_NAME=$(pwgen -1 --no-capitalize 6)-backup
./s3cli -e http://s3.us-east-2.amazonaws.com --ak "$AWS_TOKEN_ID" --sk "$AWS_TOKEN" --region us-east-2 bucket create $AWS_BUCKET_NAME
else
read -p "Restore from backup? y/n " RESTORE_MAILBACKUP
fi
}
@ -127,14 +127,14 @@ ApplyConfig()
scp -i ~/.nix-ms/id_rsa mailserver.nix "root@$machineip:/root"
scp -i ~/.nix-ms/id_rsa configuration.nix "root@$machineip:/root"
scp -i ~/.nix-ms/id_rsa goss.nix "root@$machineip:/root"
scp -i ~/.nix-ms/id_rsa restic.nix "root@$machineip:/root"
scp -i ~/.nix-ms/id_rsa goss.yaml "root@$machineip:/root"
ssh -i ~/.nix-ms/id_rsa "root@$machineip" cp /root/mailserver.nix /etc/nixos/mailserver.nix
ssh -i ~/.nix-ms/id_rsa "root@$machineip" cp /root/configuration.nix /etc/nixos/configuration.nix
ssh -i ~/.nix-ms/id_rsa "root@$machineip" cp /root/goss.nix /etc/nixos/goss.nix
ssh -i ~/.nix-ms/id_rsa "root@$machineip" cp /root/restic.nix /etc/nixos/restic.nix
sleep 3
ssh -i ~/.nix-ms/id_rsa "root@$machineip" nixos-rebuild switch
ssh -i ~/.nix-ms/id_rsa "root@$machineip" export AWS_ACCESS_KEY_ID=$AWS_TOKEN_ID
ssh -i ~/.nix-ms/id_rsa "root@$machineip" export AWS_SECRET_ACCESS_KEY=$AWS_TOKEN
}
RestoreBackup()
@ -158,8 +158,13 @@ ClearTempFiles()
rm $DOMAIN.selector.txt
rm -rf ~/.nix-ms/
rm ~/.ssh/known_hosts
rm .healthz.json
rm .hetzner_machines.json
rm configuration.nix
rm goss.nix
rm goss.yaml
rm mailserver.nix
rm restic.nix
rm s3cli
exit 0
}
# Cloudflare configuration
@ -216,8 +221,8 @@ PostInstallation()
{
ssh -i ~/.nix-ms/id_rsa "root@$machineip" restic -r s3:s3.amazonaws.com/$AWS_BUCKET_NAME init
ssh -i ~/.nix-ms/id_rsa "root@$machineip" restic -r s3:s3.amazonaws.com/$AWS_BUCKET_NAME forget --prune --keep-hourly 2 --keep-daily 7 --keep-weekly 4
ssh -i ~/.nix-ms/id_rsa "root@$machineip" cp /root/result/bin/goss /root/
ssh -i ~/.nix-ms/id_rsa "root@$machineip" /root/goss serve --format json &
#ssh -i ~/.nix-ms/id_rsa "root@$machineip" cp /root/result/bin/goss /root/
#ssh -i ~/.nix-ms/id_rsa "root@$machineip" /root/goss serve --format json &
}
PerformTests()
@ -254,7 +259,6 @@ then
exit -1
fi
fi
#RunPreFlightChecks
InstallDependencies
GenerateSSHKey
printf "Importing SSH key into your Hetzner account..."
@ -267,11 +271,12 @@ printf "Waiting for the server to create...\n"
MakeServer
sleep 30
printf "Waiting for nixos-infect to replace system files(this may take some time)...\n"
sleep 240
sleep 280
CreateS3Bucket
GetMachineIP
ApplyConfig
if [$RESTORE_MAILBACKUP == "y"]; then
if [ $RESTORE_MAILBACKUP == "y" ]
then
RestoreBackup
fi
GetDKIM
@ -286,11 +291,6 @@ CreateSPFRecord
CreateDKIMRecord
printf "done\n"
PostInstallation
#PerformTests
#while ! ping -c1 192.168.0.107 &>/dev/null
# do echo "Ping Fail - `date`"
#done
#echo "Host Found - `date`"
printf "Clearing temporary files..."
ClearTempFiles
printf "done\n"
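Review bot: The `sed -i '14s/.*/\t\tEnvironment = [ "AWS_ACCESS_KEY_ID=..." "AWS_SECRET_ACCESS_KEY=..." ];/' restic.nix` line under `# Restic` in MakeConfig writes the AWS secret key in clear text into restic.nix, which ApplyConfig then copies to /etc/nixos. If that `Environment = [ ... ]` entry is a systemd service setting, as it appears to be, the key will probably end up in a unit file in the world-readable Nix store. I would have the generated line point at a root-only file instead, e.g. `EnvironmentFile = "/root/restic.env";`, and create that file on the server with mode 600. The same sed uses `/` as its delimiter while interpolating `$AWS_TOKEN`, and AWS secret keys can contain `/`, which would break the expression; moving the key out of the sed replacement removes that failure as well. MakeConfig starts outside the hunk, and which lines are additions is inferred, because the page lost its `+`/`-` markers.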