-
Notifications
You must be signed in to change notification settings - Fork 41
/
setup.sh
executable file
·236 lines (206 loc) · 9.13 KB
/
setup.sh
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
#!/bin/bash
set -e -o pipefail
help() {
echo
echo 'Usage ./setup.sh ~/path/to/MANTA_PRIVATE_KEY'
echo
echo 'Checks that your Triton and Docker environment is sane and configures'
echo 'an environment file to use.'
echo
echo 'MANTA_PRIVATE_KEY is the filesystem path to an SSH private key'
echo 'used to connect to Manta for the database backups.'
echo
echo 'Additional details must be configured in the _env file, but this script will properly'
echo 'encode the SSH key details for use with this this project.'
echo
echo '-'
echo
echo 'Usage ./setup.sh get-cns-hostname'
echo
echo 'Output the CNS hostname suitable for aliasing in DNS for custom domain names.'
echo
}
# populated by `check` function whenever we're using Triton
TRITON_USER=
TRITON_DC=
TRITON_ACCOUNT=
# ---------------------------------------------------
# Top-level commands
# Output aliasable CNS hostname
get-cns-hostname() {
TRITON_DC=$(triton profile get | awk -F"/" '/url:/{print $3}' | awk -F'.' '{print $1}')
TRITON_ACCOUNT=$(triton account get | awk -F": " '/id:/{print $2}')
echo "nginx.svc.${TRITON_ACCOUNT}.${TRITON_DC}.cns.joyent.com"
}
# Check for correct configuration and setup _env file
envcheck() {
if [ -z "$1" ]; then
tput rev # reverse
tput bold # bold
echo 'Please provide a path to a SSH private key to access Manta.'
tput sgr0 # clear
help
exit 1
fi
if [ ! -f "$1" ]; then
tput rev # reverse
tput bold # bold
echo 'SSH private key for Manta is unreadable.'
tput sgr0 # clear
help
exit 1
fi
# Assign args to named vars
MANTA_PRIVATE_KEY_PATH=$1
command -v docker >/dev/null 2>&1 || {
echo
tput rev # reverse
tput bold # bold
echo 'Docker is required, but does not appear to be installed.'
tput sgr0 # clear
echo 'See https://docs.joyent.com/public-cloud/api-access/docker'
exit 1
}
command -v json >/dev/null 2>&1 || {
echo
tput rev # reverse
tput bold # bold
echo 'Error! JSON CLI tool is required, but does not appear to be installed.'
tput sgr0 # clear
echo 'See https://apidocs.joyent.com/cloudapi/#getting-started'
exit 1
}
command -v triton >/dev/null 2>&1 || {
echo
tput rev # reverse
tput bold # bold
echo 'Error! Joyent Triton CLI is required, but does not appear to be installed.'
tput sgr0 # clear
echo 'See https://www.joyent.com/blog/introducing-the-triton-command-line-tool'
exit 1
}
# make sure Docker client is pointed to the same place as the Triton client
local docker_user=$(docker info 2>&1 | awk -F": " '/SDCAccount:/{print $2}')
local docker_dc=$(echo $DOCKER_HOST | awk -F"/" '{print $3}' | awk -F'.' '{print $1}')
TRITON_USER=$(triton profile get | awk -F": " '/account:/{print $2}')
TRITON_DC=$(triton profile get | awk -F"/" '/url:/{print $3}' | awk -F'.' '{print $1}')
TRITON_ACCOUNT=$(triton account get | awk -F": " '/id:/{print $2}')
if [ ! "$docker_user" = "$TRITON_USER" ] || [ ! "$docker_dc" = "$TRITON_DC" ]; then
echo
tput rev # reverse
tput bold # bold
echo 'Error! The Triton CLI configuration does not match the Docker CLI configuration.'
tput sgr0 # clear
echo
echo "Docker user: ${docker_user}"
echo "Triton user: ${TRITON_USER}"
echo "Docker data center: ${docker_dc}"
echo "Triton data center: ${TRITON_DC}"
exit 1
fi
local triton_cns_enabled=$(triton account get | awk -F": " '/cns/{print $2}')
if [ ! "true" == "$triton_cns_enabled" ]; then
echo
tput rev # reverse
tput bold # bold
echo 'Error! Triton CNS is required and not enabled.'
tput sgr0 # clear
echo
echo 'Consider running:'
echo ' triton account update triton_cns_enabled=true'
echo
exit 1
fi
# setup environment file
if [ ! -f "_env" ]; then
echo '# Environment variables for for WordPress site' > _env
echo '# please include the scheme http:// or https:// in the URL variable' >> _env
echo 'WORDPRESS_URL=http://'nginx.svc.${TRITON_ACCOUNT}.${TRITON_DC}.triton.zone >> _env
echo 'WORDPRESS_SITE_TITLE=Autopilot Pattern WordPress test site' >> _env
echo '[email protected]' >> _env
echo 'WORDPRESS_ADMIN_USER=admin-'$(cat /dev/urandom | LC_ALL=C tr -dc 'A-Za-z0-9' | head -c 3) >> _env
echo 'WORDPRESS_ADMIN_PASSWORD='$(cat /dev/urandom | LC_ALL=C tr -dc 'A-Za-z0-9' | head -c 11) >> _env
echo 'WORDPRESS_ACTIVE_THEME=twentysixteen' >> _env
echo 'WORDPRESS_CACHE_KEY_SALT='$(cat /dev/urandom | LC_ALL=C tr -dc 'A-Za-z0-9' | head -c 53) >> _env
echo '#WORDPRESS_TEST_DATA=true # uncomment to import a collection of test content on start' >> _env
echo >> _env
echo '# Wordpress security salts' >> _env
echo '# These must be unique for your install to ensure the security of the site' >> _env
echo 'WORDPRESS_AUTH_KEY='$(cat /dev/urandom | LC_ALL=C tr -dc 'A-Za-z0-9' | head -c 53) >> _env
echo 'WORDPRESS_SECURE_AUTH_KEY='$(cat /dev/urandom | LC_ALL=C tr -dc 'A-Za-z0-9' | head -c 53) >> _env
echo 'WORDPRESS_LOGGED_IN_KEY='$(cat /dev/urandom | LC_ALL=C tr -dc 'A-Za-z0-9' | head -c 53) >> _env
echo 'WORDPRESS_NONCE_KEY='$(cat /dev/urandom | LC_ALL=C tr -dc 'A-Za-z0-9' | head -c 53) >> _env
echo 'WORDPRESS_AUTH_SALT='$(cat /dev/urandom | LC_ALL=C tr -dc 'A-Za-z0-9' | head -c 53) >> _env
echo 'WORDPRESS_SECURE_AUTH_SALT='$(cat /dev/urandom | LC_ALL=C tr -dc 'A-Za-z0-9' | head -c 53) >> _env
echo 'WORDPRESS_LOGGED_IN_SALT='$(cat /dev/urandom | LC_ALL=C tr -dc 'A-Za-z0-9' | head -c 53) >> _env
echo 'WORDPRESS_NONCE_SALT='$(cat /dev/urandom | LC_ALL=C tr -dc 'A-Za-z0-9' | head -c 53) >> _env
echo >> _env
echo '# Nginx LetsEncrypt (ACME) config' >> _env
echo '# be sure ACME_DOMAIN host and WORDPRESS_URL host are the same, if using automated SSL via LetsEncrypt' >> _env
echo '# ACME_ENV defaults to "staging", uncomment following ACME_ENV line to switch to LetsEncrypt production endpoint' >> _env
echo '#ACME_DOMAIN='nginx.svc.${TRITON_ACCOUNT}.${TRITON_DC}.triton.zone >> _env
echo '#ACME_ENV=production' >> _env
echo >> _env
echo '# Environment variables for MySQL service' >> _env
echo '# WordPress database/WPDB information' >> _env
echo 'MYSQL_USER=wpdbuser' >> _env
echo 'MYSQL_PASSWORD='$(cat /dev/urandom | LC_ALL=C tr -dc 'A-Za-z0-9' | head -c 7) >> _env
echo 'MYSQL_DATABASE=wp' >> _env
echo '# MySQL replication user, should be different from above' >> _env
echo 'MYSQL_REPL_USER=repluser' >> _env
echo 'MYSQL_REPL_PASSWORD='$(cat /dev/urandom | LC_ALL=C tr -dc 'A-Za-z0-9' | head -c 7) >> _env
echo >> _env
echo '# Environment variables for backups to Manta' >> _env
echo 'MANTA_URL=https://us-east.manta.joyent.com' >> _env
echo 'MANTA_BUCKET=/<username>/stor/<bucketname> # an existing Manta bucket' >> _env
echo 'MANTA_USER=<username> # a user with access to that bucket' >> _env
echo 'MANTA_SUBUSER=' >> _env
echo 'MANTA_ROLE=' >> _env
# MANTA_KEY_ID must be the md5 formatted key fingerprint. A SHA256 will result in errors.
set +o pipefail
# The -E option was added to ssh-keygen recently; if it doesn't work, then
# assume we're using an older version of ssh-keygen that only outputs MD5 fingerprints
ssh-keygen -yl -E md5 -f ${MANTA_PRIVATE_KEY_PATH} > /dev/null 2>&1
if [ $? -eq 0 ]; then
echo MANTA_KEY_ID=$(ssh-keygen -yl -E md5 -f ${MANTA_PRIVATE_KEY_PATH} | awk '{print substr($2,5)}') >> _env
else
echo MANTA_KEY_ID=$(ssh-keygen -yl -f ${MANTA_PRIVATE_KEY_PATH} | awk '{print $2}') >> _env
fi
set -o pipefail
# munge the private key so that we can pass it into an env var sanely
# and then unmunge it in our startup script
echo MANTA_PRIVATE_KEY=$(cat ${MANTA_PRIVATE_KEY_PATH} | tr '\n' '#') >> _env
echo >> _env
echo '# Consul discovery via Triton CNS' >> _env
echo CONSUL=wp-consul.svc.${TRITON_ACCOUNT}.${TRITON_DC}.cns.joyent.com >> _env
echo >> _env
echo 'Edit the _env file to confirm and set your desired configuration details'
else
echo 'Existing _env file found, exiting'
exit
fi
}
# ---------------------------------------------------
# parse arguments
# Get function list
funcs=($(declare -F -p | cut -d " " -f 3))
until
if [ ! -z "$1" ]; then
# check if the first arg is a function in this file, or use a default
if [[ " ${funcs[@]} " =~ " $1 " ]]; then
cmd=$1
shift 1
else
cmd="envcheck"
fi
$cmd "$@"
if [ $? == 127 ]; then
help
fi
exit
else
help
fi
do
echo
done