Final install script release

master
Illia Chub 2020-09-03 17:54:31 +03:00
parent 2cb16a7e81
commit b26e36a96e
1 changed files with 28 additions and 28 deletions


@ -17,9 +17,10 @@ InstallDependencies()
wget https://selfprivacy.org/configuration.nix wget https://selfprivacy.org/configuration.nix
wget https://selfprivacy.org/mailserver.nix wget https://selfprivacy.org/mailserver.nix
wget https://selfprivacy.org/goss.nix wget https://selfprivacy.org/goss.nix
wget https://selfprivacy.org/goss.yaml
wget https://selfprivacy.org/restic.nix wget https://selfprivacy.org/restic.nix
wget https://selfprivacy.org/restic.yaml
wget https://selfprivacy.org/s3cli wget https://selfprivacy.org/s3cli
chmod +x s3cli
} }
CollectData() CollectData()
{ {
@ -44,7 +45,6 @@ GenerateSSHKey()
# Add SSH key to Hetzner # Add SSH key to Hetzner
AddSSHKey() AddSSHKey()
{ {
echo "Adding SSH keys to Hetzner..."
curl -s \ curl -s \
-X POST \ -X POST \
-H "Authorization: Bearer $HETZNER_TOKEN" \ -H "Authorization: Bearer $HETZNER_TOKEN" \
@ -66,8 +66,12 @@ MakeConfig()
sed -i '63s/.*/ email = "'"$USERNAME"'@'"$DOMAIN"'";/' mailserver.nix sed -i '63s/.*/ email = "'"$USERNAME"'@'"$DOMAIN"'";/' mailserver.nix
# System Configuration # System Configuration
sed -i "15s,.*,\t\"${sshKey}\"," configuration.nix sed -i "16s,.*,\t\"${sshKey}\"," configuration.nix
sed -i "16s,.*,\t restic -r s3:s3.amazonaws.com/${AWS_BUCKET_NAME} backup /var/vmail /var/vmail ," restic.nix
# Restic
sed -i '14s/.*/\t\tEnvironment = [ "AWS_ACCESS_KEY_ID='$AWS_TOKEN_ID'" "AWS_SECRET_ACCESS_KEY='$AWS_TOKEN'" ];/' restic.nix
sed -i "17s,.*,\t restic -r s3:s3.amazonaws.com/${AWS_BUCKET_NAME} backup /var/vmail /var/vmail ," restic.nix
} }
MakeServer() MakeServer()
@ -98,16 +102,12 @@ CreateS3BucketRaw()
CreateS3Bucket() CreateS3Bucket()
{ {
mkdir ~/.aws if test -z $(./s3cli -e http://s3.us-east-2.amazonaws.com --ak "$AWS_TOKEN_ID" --sk "$AWS_TOKEN" --region us-east-2 bucket ls | grep backup)
touch ~/.aws/credentials then
echo "[default]" >> ~/.aws/credentials export AWS_BUCKET_NAME=$(pwgen -1 --no-capitalize 6)-backup
echo "aws_access_key_id=$AWS_TOKEN_ID" >> ~/.aws/credentials ./s3cli -e http://s3.us-east-2.amazonaws.com --ak "$AWS_TOKEN_ID" --sk "$AWS_TOKEN" --region us-east-2 bucket create $AWS_BUCKET_NAME
echo "aws_secret_access_key=$AWS_TOKEN" >> ~/.aws/credentials else
if [[ -z "$(./s3cli -e http://s3.us-east-2.amazonaws.com --ak "$AWS_TOKEN_ID" --sk "$AWS_TOKEN" --region us-east-2 bucket ls | grep backup)" ]]; then read -p "Restore from backup? y/n " RESTORE_MAILBACKUP
read "AWS S3 bucket found in your account. Do you want to restore backup from there? (y/n) " RESTORE_MAILBACKUP
else
export AWS_BUCKET_NAME=$(pwgen -1 --no-capitalize 6)-backup
./s3cli -e http://s3.us-east-2.amazonaws.com --ak "$AWS_TOKEN_ID" --sk "$AWS_TOKEN" --region us-east-2 bucket create $AWS_BUCKET_NAME
fi fi
} }
@ -127,14 +127,14 @@ ApplyConfig()
scp -i ~/.nix-ms/id_rsa mailserver.nix "root@$machineip:/root" scp -i ~/.nix-ms/id_rsa mailserver.nix "root@$machineip:/root"
scp -i ~/.nix-ms/id_rsa configuration.nix "root@$machineip:/root" scp -i ~/.nix-ms/id_rsa configuration.nix "root@$machineip:/root"
scp -i ~/.nix-ms/id_rsa goss.nix "root@$machineip:/root" scp -i ~/.nix-ms/id_rsa goss.nix "root@$machineip:/root"
scp -i ~/.nix-ms/id_rsa restic.nix "root@$machineip:/root"
scp -i ~/.nix-ms/id_rsa goss.yaml "root@$machineip:/root" scp -i ~/.nix-ms/id_rsa goss.yaml "root@$machineip:/root"
ssh -i ~/.nix-ms/id_rsa "root@$machineip" cp /root/mailserver.nix /etc/nixos/mailserver.nix ssh -i ~/.nix-ms/id_rsa "root@$machineip" cp /root/mailserver.nix /etc/nixos/mailserver.nix
ssh -i ~/.nix-ms/id_rsa "root@$machineip" cp /root/configuration.nix /etc/nixos/configuration.nix ssh -i ~/.nix-ms/id_rsa "root@$machineip" cp /root/configuration.nix /etc/nixos/configuration.nix
ssh -i ~/.nix-ms/id_rsa "root@$machineip" cp /root/goss.nix /etc/nixos/goss.nix ssh -i ~/.nix-ms/id_rsa "root@$machineip" cp /root/goss.nix /etc/nixos/goss.nix
ssh -i ~/.nix-ms/id_rsa "root@$machineip" cp /root/restic.nix /etc/nixos/restic.nix
sleep 3 sleep 3
ssh -i ~/.nix-ms/id_rsa "root@$machineip" nixos-rebuild switch ssh -i ~/.nix-ms/id_rsa "root@$machineip" nixos-rebuild switch
ssh -i ~/.nix-ms/id_rsa "root@$machineip" export AWS_ACCESS_KEY_ID=$AWS_TOKEN_ID
ssh -i ~/.nix-ms/id_rsa "root@$machineip" export AWS_SECRET_ACCESS_KEY=$AWS_TOKEN
} }
RestoreBackup() RestoreBackup()
@ -158,8 +158,13 @@ ClearTempFiles()
rm $DOMAIN.selector.txt rm $DOMAIN.selector.txt
rm -rf ~/.nix-ms/ rm -rf ~/.nix-ms/
rm ~/.ssh/known_hosts rm ~/.ssh/known_hosts
rm .healthz.json rm configuration.nix
rm .hetzner_machines.json rm goss.nix
rm goss.yaml
rm mailserver.nix
rm restic.nix
rm s3cli
exit 0
} }
# Cloudflare configuration # Cloudflare configuration
@ -216,8 +221,8 @@ PostInstallation()
{ {
ssh -i ~/.nix-ms/id_rsa "root@$machineip" restic -r s3:s3.amazonaws.com/$AWS_BUCKET_NAME init ssh -i ~/.nix-ms/id_rsa "root@$machineip" restic -r s3:s3.amazonaws.com/$AWS_BUCKET_NAME init
ssh -i ~/.nix-ms/id_rsa "root@$machineip" restic -r s3:s3.amazonaws.com/$AWS_BUCKET_NAME forget --prune --keep-hourly 2 --keep-daily 7 --keep-weekly 4 ssh -i ~/.nix-ms/id_rsa "root@$machineip" restic -r s3:s3.amazonaws.com/$AWS_BUCKET_NAME forget --prune --keep-hourly 2 --keep-daily 7 --keep-weekly 4
ssh -i ~/.nix-ms/id_rsa "root@$machineip" cp /root/result/bin/goss /root/ #ssh -i ~/.nix-ms/id_rsa "root@$machineip" cp /root/result/bin/goss /root/
ssh -i ~/.nix-ms/id_rsa "root@$machineip" /root/goss serve --format json & #ssh -i ~/.nix-ms/id_rsa "root@$machineip" /root/goss serve --format json &
} }
PerformTests() PerformTests()
@ -254,7 +259,6 @@ then
exit -1 exit -1
fi fi
fi fi
#RunPreFlightChecks
InstallDependencies InstallDependencies
GenerateSSHKey GenerateSSHKey
printf "Importing SSH key into your Hetzner account..." printf "Importing SSH key into your Hetzner account..."
@ -267,11 +271,12 @@ printf "Waiting for the server to create...\n"
MakeServer MakeServer
sleep 30 sleep 30
printf "Waiting for nixos-infect to replace system files(this may take some time)...\n" printf "Waiting for nixos-infect to replace system files(this may take some time)...\n"
sleep 240 sleep 280
CreateS3Bucket CreateS3Bucket
GetMachineIP GetMachineIP
ApplyConfig ApplyConfig
if [$RESTORE_MAILBACKUP == "y"]; then if [ $RESTORE_MAILBACKUP == "y" ]
then
RestoreBackup RestoreBackup
fi fi
GetDKIM GetDKIM
@ -286,11 +291,6 @@ CreateSPFRecord
CreateDKIMRecord CreateDKIMRecord
printf "done\n" printf "done\n"
PostInstallation PostInstallation
#PerformTests
#while ! ping -c1 192.168.0.107 &>/dev/null
# do echo "Ping Fail - `date`"
#done
#echo "Host Found - `date`"
printf "Clearing temporary files..." printf "Clearing temporary files..."
ClearTempFiles ClearTempFiles
printf "done\n" printf "done\n"
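Review bot: In the MakeConfig hunk, the sed line under `# Restic` splices `$AWS_TOKEN_ID` and `$AWS_TOKEN` unquoted into an `s/.../.../` expression, so a secret key containing `/` (common in AWS secret keys) breaks the substitution, and any whitespace would split the argument. The same line writes the secret key as a literal `Environment` value into restic.nix, which the ApplyConfig hunk appears to copy to /etc/nixos. On NixOS such values normally land in world-readable unit files under /nix/store, so confirm how restic.nix uses line 14. I would keep the credentials out of the .nix file and point the unit at a root-only file instead, for example `EnvironmentFile = "<PATH_TO_ROOT_ONLY_ENV_FILE>";`, created on the server with mode 0600. If the sed stays, quote both expansions and use a delimiter that cannot occur in the values; MakeConfig's body starts outside the hunk, so the line numbers it targets could not be checked here.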