feat: password env variable

This commit is contained in:
2026-03-01 18:03:46 +01:00
parent f40eeff6be
commit cc9d388c0a
5 changed files with 79 additions and 53 deletions


@@ -11,7 +11,7 @@ source $PROJECT_DIR/utils.sh 2>/dev/null
INSTALLED=$1 INSTALLED=$1
if [[ "--install" == $INSTALLED ]]; then if [[ "--install" == $INSTALLED ]]; then
log_info "disk-monitor Installation" log_info "disk-monitor Installation"
CMD="0 3 * * 1 PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin $PROJECT_DIR/disk-monitor.sh" CMD="0 3 * * 1 PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin $PROJECT_DIR/disk-monitor.sh"
add_crontab "$CMD" add_crontab "$CMD"
exit exit
@@ -19,7 +19,7 @@ fi
usage=80 usage=80
send_notification "$( send_notification "$(
df -h / | grep / | awk -v max="$usage" '{ df -h / | grep / | awk -v max="$usage" '{
usage = $5; usage = $5;
gsub("%", "", usage); gsub("%", "", usage);
if (usage > max) { if (usage > max) {


@@ -5,19 +5,31 @@ readonly PROJECT_DIR 2>/dev/null
source $PROJECT_DIR/utils.sh source $PROJECT_DIR/utils.sh
ENV_LIST_PS=(
"MIRROR_AUTH_SECRET"
"SYNAPSE_PASSWORD"
)
if [[ "--install" == $1 ]]; then if [[ "--install" == $1 ]]; then
log_info "docker-compose Installation"
log_info "docker-compose Installation"
COMPOSE_FILE="$(realpath "$PROJECT_DIR/docker-compose.yml")" COMPOSE_FILE="$(realpath "$PROJECT_DIR/docker-compose.yml")"
if [[ -f "$COMPOSE_FILE" ]]; then if [[ -f "$COMPOSE_FILE" ]]; then
docker compose -f "$COMPOSE_FILE" up -d --force-recreate --remove-orphans && \ log_info "set docker password..."
log_success "$COMPOSE_FILE is running.";
CMD="0 0 * * * PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin /usr/bin/docker compose --env-file $ENV_FILE -f $PROJECT_DIR/docker-compose.yml pull -q && /usr/bin/docker compose --env-file $ENV_FILE -f $PROJECT_DIR/docker-compose.yml up -d --remove-orphans" for env in "${ENV_LIST_PS[@]}"; do
add_crontab "$CMD" env_variable "$env" "$(openssl rand -base64 32)"
else done
log_error "no docker-compose.yml found at $PROJECT_DIR";
fi docker compose -f "$COMPOSE_FILE" up -d --force-recreate --remove-orphans &&
exit log_success "$COMPOSE_FILE is running."
CMD="0 0 * * * PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin /usr/bin/docker compose --env-file $ENV_FILE -f $PROJECT_DIR/docker-compose.yml pull -q && /usr/bin/docker compose --env-file $ENV_FILE -f $PROJECT_DIR/docker-compose.yml up -d --remove-orphans"
add_crontab "$CMD"
else
log_error "no docker-compose.yml found at $PROJECT_DIR"
fi
exit
fi fi
COMPOSE_FILE="$(realpath "$PROJECT_DIR/docker-compose.yml")" COMPOSE_FILE="$(realpath "$PROJECT_DIR/docker-compose.yml")"
docker compose -f "$COMPOSE_FILE" up -d --force-recreate --remove-orphans docker compose -f "$COMPOSE_FILE" up -d --force-recreate --remove-orphans
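Review bot: The loop over `ENV_LIST_PS` runs `env_variable "$env" "$(openssl rand -base64 32)"` on every `--install`, and the new non-interactive `env_variable` overwrites without asking, so re-running the installer silently rotates `SYNAPSE_PASSWORD` and `MIRROR_AUTH_SECRET`. If the Postgres data directory behind `db-matrix` was initialised with the earlier value (not visible here, please confirm), Synapse will stop authenticating after the rotation, and a changed `BETTER_AUTH_SECRET` presumably invalidates existing sessions. Generating a value only when the key is absent avoids both: `grep -q "^${env}=" "$ENV_FILE" 2>/dev/null || env_variable "$env" "$(openssl rand -base64 32)"`. The `docker compose -f "$COMPOSE_FILE" up` call in this branch also omits the `--env-file $ENV_FILE` that the cron line passes, so unless `$ENV_FILE` is the project's default `.env` the first start may not see the secrets that were just written.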


@@ -220,7 +220,7 @@ services:
- VIRTUAL_PORT=8008 - VIRTUAL_PORT=8008
- SYNAPSE_POSTGRES_HOST=db-matrix - SYNAPSE_POSTGRES_HOST=db-matrix
- SYNAPSE_POSTGRES_USER=synapse - SYNAPSE_POSTGRES_USER=synapse
- SYNAPSE_POSTGRES_PASSWORD=${DB_PASSWORD} - SYNAPSE_POSTGRES_PASSWORD=${SYNAPSE_PASSWORD}
- SYNAPSE_POSTGRES_DB=synapse - SYNAPSE_POSTGRES_DB=synapse
networks: networks:
- web-network - web-network
@@ -244,7 +244,7 @@ services:
- VIRTUAL_PORT=3000 - VIRTUAL_PORT=3000
- GITEA__server__DOMAIN=git.${HOSTNAME} - GITEA__server__DOMAIN=git.${HOSTNAME}
- GITEA__server__ROOT_URL=https://git.${HOSTNAME}/ - GITEA__server__ROOT_URL=https://git.${HOSTNAME}/
# - DISABLE_REGISTRATION=true # Private instance security - GITEA__service__DISABLE_REGISTRATION=true
volumes: volumes:
- ./data/gitea:/data - ./data/gitea:/data
- /etc/localtime:/etc/localtime:ro - /etc/localtime:/etc/localtime:ro
@@ -263,7 +263,7 @@ services:
- LETSENCRYPT_HOST=mirror.${HOSTNAME} - LETSENCRYPT_HOST=mirror.${HOSTNAME}
- LETSENCRYPT_EMAIL=${EMAIL} - LETSENCRYPT_EMAIL=${EMAIL}
- VIRTUAL_PORT=4321 - VIRTUAL_PORT=4321
- BETTER_AUTH_SECRET=${GITHUB_AUTH_SECRET} - BETTER_AUTH_SECRET=${MIRROR_AUTH_SECRET}
- BETTER_AUTH_TRUSTED_ORIGINS=https://mirror.${HOSTNAME} - BETTER_AUTH_TRUSTED_ORIGINS=https://mirror.${HOSTNAME}
volumes: volumes:
- gitea-mirror-data:/app/data - gitea-mirror-data:/app/data
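Review bot: `SYNAPSE_POSTGRES_PASSWORD=${SYNAPSE_PASSWORD}` and `BETTER_AUTH_SECRET=${MIRROR_AUTH_SECRET}` use plain `${VAR}` interpolation, which Compose replaces with an empty string (only a warning) when the variable is missing, so a host whose env file predates this commit would bring Synapse and the mirror up with an empty password and signing secret. The required-variable form makes that fail loudly: `- SYNAPSE_POSTGRES_PASSWORD=${SYNAPSE_PASSWORD:?SYNAPSE_PASSWORD is not set}`, and likewise for `MIRROR_AUTH_SECRET`. The `db-matrix` service definition is outside these hunks; its `POSTGRES_PASSWORD` has to reference the same variable, since `DB_PASSWORD` is no longer prompted for.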


@@ -10,8 +10,6 @@ ENV_LIST=(
"EMAIL" "HOSTNAME" "EMAIL" "HOSTNAME"
"TELEGRAM_TOKEN" "TELEGRAM_CHAT_ID" "TELEGRAM_TOKEN" "TELEGRAM_CHAT_ID"
"AWS" "ENDPOINT" "AWS_ACCESS_KEY_ID" "AWS_SECRET_ACCESS_KEY" "AWS" "ENDPOINT" "AWS_ACCESS_KEY_ID" "AWS_SECRET_ACCESS_KEY"
"GITHUB_AUTH_SECRET"
"DB_PASSWORD"
) )
readonly REQ=( readonly REQ=(
@@ -24,6 +22,7 @@ readonly REQ=(
"pgrep" "pgrep"
"pkill" "pkill"
"uptime" "uptime"
"openssl"
) )
function check_root() { function check_root() {
@@ -74,7 +73,7 @@ function main() {
for env in "${ENV_LIST[@]}"; do for env in "${ENV_LIST[@]}"; do
read -sp "Enter value for $env: " value read -sp "Enter value for $env: " value
echo echo
env_variable "$env" "$value" env_variable_interaction "$env" "$value"
done done
install_scripts install_scripts


@@ -5,8 +5,8 @@
# It handles logging, environment variables, and Telegram notifications. # It handles logging, environment variables, and Telegram notifications.
if [ -z "${PROJECT_DIR:-}" ]; then if [ -z "${PROJECT_DIR:-}" ]; then
PROJECT_DIR=$(cd "$(dirname "${BASH_SOURCE[0]}")" && pwd) PROJECT_DIR=$(cd "$(dirname "${BASH_SOURCE[0]}")" && pwd)
readonly PROJECT_DIR readonly PROJECT_DIR
fi fi
readonly PROJECT_NAME="serverconfig" 2>/dev/null readonly PROJECT_NAME="serverconfig" 2>/dev/null
@@ -23,10 +23,10 @@ readonly NC='\033[0m'
DATETIME_FORMAT="%d-%m-%Y %H:%M:%S" DATETIME_FORMAT="%d-%m-%Y %H:%M:%S"
function log() { function log() {
local type="${1}" local type="${1}"
local color="${2}" local color="${2}"
local message="${3}" local message="${3}"
echo -e "${color}[$(date +"$DATETIME_FORMAT")] [${type}]${NC} ${message}" echo -e "${color}[$(date +"$DATETIME_FORMAT")] [${type}]${NC} ${message}"
} }
function log_info() { log "INFO" "$BLUE" "$1"; } function log_info() { log "INFO" "$BLUE" "$1"; }
@@ -36,16 +36,14 @@ function log_warn() { log "WARN " "$YELLOW" "$1" >&2; }
# USING TELEGRAM (may change later) # USING TELEGRAM (may change later)
function send_notification() { function send_notification() {
local message="$1" local message="$1"
curl -X POST "https://api.telegram.org/bot$TELEGRAM_TOKEN/sendMessage" \ curl -X POST "https://api.telegram.org/bot$TELEGRAM_TOKEN/sendMessage" \
-d "chat_id=$TELEGRAM_CHAT_ID" \ -d "chat_id=$TELEGRAM_CHAT_ID" \
-d "text=$message" \ -d "text=$message" \
-d "parse_mode=HTML" -d "parse_mode=HTML"
} }
function env_variable() { function env_variable_interaction() {
source $ENV_FILE
local key="$1" local key="$1"
local value="$2" local value="$2"
@@ -56,30 +54,47 @@ function env_variable() {
if grep -Eq "^${key}=" "$ENV_FILE" 2>/dev/null; then if grep -Eq "^${key}=" "$ENV_FILE" 2>/dev/null; then
read -p "$key already set, overwrite? (y/N): " yn read -p "$key already set, overwrite? (y/N): " yn
case "$yn" in case "$yn" in
[yY]*) [yY]*)
sed -i "s/^$key=.*/$key=$value/" "$ENV_FILE" sed -i "s/^$key=.*/$key=$value/" "$ENV_FILE"
log_success "$key updated." log_success "$key updated."
;; ;;
*) *)
log_info "$key not changed." log_info "$key not changed."
;; ;;
esac esac
else else
echo "$key=$value" >> "$ENV_FILE"
echo "$key=$value" >>"$ENV_FILE"
log_success "$key created."
fi
}
function env_variable() {
local key="$1"
local value="$2"
if grep -Eq "^${key}=" "$ENV_FILE" 2>/dev/null; then
sed -i "s/^$key=.*/$key=$value/" "$ENV_FILE"
log_success "$key updated."
else
echo "$key=$value" >>"$ENV_FILE"
log_success "$key created." log_success "$key created."
fi fi
} }
function add_crontab() { function add_crontab() {
if ! command -v crontab >/dev/null 2>&1; then if ! command -v crontab >/dev/null 2>&1; then
log_error "Error: crontab not found." log_error "Error: crontab not found."
fi fi
CRON_JOB=$1 CRON_JOB=$1
crontab -l 2>/dev/null | grep -F "$CRON_JOB" > /dev/null 2>&1 crontab -l 2>/dev/null | grep -F "$CRON_JOB" >/dev/null 2>&1
if ! crontab -l 2>/dev/null | grep -Fq "$CRON_JOB"; then if ! crontab -l 2>/dev/null | grep -Fq "$CRON_JOB"; then
(crontab -l 2>/dev/null; echo "$CRON_JOB") | crontab - (
log_success "Cron job added." crontab -l 2>/dev/null
fi echo "$CRON_JOB"
) | crontab -
log_success "Cron job added."
fi
} }
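Review bot: The new non-interactive `env_variable` interpolates its value into `sed -i "s/^$key=.*/$key=$value/"`, and the only visible caller produces that value with `openssl rand -base64 32`; base64 output can contain `/`, which terminates the replacement early so sed rejects the expression whenever the key already exists. Because the exit status is not checked, `log_success "$key updated."` is still printed while the old secret stays in the file. `env_variable_interaction` has the same unescaped interpolation for typed values (`/`, `&`, `\`). I would rewrite the file rather than substitute into a sed program, as below; `mktemp` creates the file with mode 0600, so the secrets file also ends up owner-readable only, which should be checked against the account that runs `docker compose`. Switching the call site to `openssl rand -hex 32` is a smaller stop-gap but leaves the typed-value path unfixed.

```shell
function env_variable() {
  local key="$1"
  local value="$2"
  local tmp
  tmp=$(mktemp "${ENV_FILE}.XXXXXX") || return 1
  # Copy every line except the old entry, then append the new one. Nothing is
  # interpolated into a sed program, so "/", "&" and "\" in the value are safe.
  grep -v "^${key}=" "$ENV_FILE" 2>/dev/null >"$tmp" || true
  printf '%s=%s\n' "$key" "$value" >>"$tmp"
  mv -- "$tmp" "$ENV_FILE" || return 1
  log_success "$key set."
}
```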