start modularisation
This commit is contained in:
parent
9607769086
commit
41378a31c6
|
@ -1,5 +1,5 @@
|
||||||
<?php
|
<?php
|
||||||
# https://docs.gitea.com/usage/webhooks
|
// https://docs.gitea.com/usage/webhooks
|
||||||
|
|
||||||
// check for POST request
|
// check for POST request
|
||||||
if ($_SERVER['REQUEST_METHOD'] != 'POST') {
|
if ($_SERVER['REQUEST_METHOD'] != 'POST') {
|
||||||
|
@ -33,7 +33,38 @@ if (json_last_error() !== JSON_ERROR_NONE) {
|
||||||
}
|
}
|
||||||
|
|
||||||
// success, do something
|
// success, do something
|
||||||
$repo_name = $decoded['repository']['name'];
|
$current_date = date('d-m-y_H-i-s', time());
|
||||||
echo "launching hook script ";
|
$log_directory = '../webhook/logs';
|
||||||
echo shell_exec('bash ../webhook/webhook.sh ' . $repo_name . ' >> ../webhook/webhook.log 2>&1');
|
|
||||||
|
// create the log folder if needed
|
||||||
|
if (!file_exists($log_directory)) {
|
||||||
|
mkdir($log_directory, 0777, true);
|
||||||
|
}
|
||||||
|
|
||||||
|
// clean the log folder if needed
|
||||||
|
if (count(scandir($log_directory)) > 10) {
|
||||||
|
$files = scandir($log_directory);
|
||||||
|
$log_files = array_diff($files, array('.', '..'));
|
||||||
|
usort($files, function($a, $b) use ($log_directory) {
|
||||||
|
return filemtime("$log_directory/$a") - filemtime("$log_directory/$b");
|
||||||
|
});
|
||||||
|
for ($i = 0; $i < 5; $i++) {
|
||||||
|
unlink("$log_directory/{$files[$i]}");
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
if (isset($decoded['repository'])) {
|
||||||
|
// git hook
|
||||||
|
echo shell_exec('bash ../webhook/webhook.sh ' . 'git' . ' >> ' . $log_directory . '/webhook_' . $current_date . '.log 2>&1');
|
||||||
|
} else {
|
||||||
|
// directus hook
|
||||||
|
$debounce_delay = 1 * 60;
|
||||||
|
file_put_contents("debounce_hook", time());
|
||||||
|
sleep($debounce_delay);
|
||||||
|
|
||||||
|
if (time() >= intval(file_get_contents('debounce_hook')) + $debounce_delay) {
|
||||||
|
|
||||||
|
echo shell_exec('bash ../webhook/webhook.sh ' . 'directus' . ' >> ' . $log_directory . '/webhook_' . $current_date . '.log 2>&1');
|
||||||
|
}
|
||||||
|
}
|
||||||
?>
|
?>
|
|
@ -1,17 +1,19 @@
|
||||||
#!/bin/bash
|
#!/bin/bash
|
||||||
repo_name=$1
|
hook_origin=$1
|
||||||
cms_dir=$(ls -d /var/www/repositories/cms*/)
|
repo_name=$(ls /var/www/repositories/ | grep -v '^cms')
|
||||||
|
|
||||||
tmux send-keys -t directus C-c
|
|
||||||
tmux send-keys -t front C-c
|
|
||||||
|
|
||||||
cd /var/www/repositories/$repo_name
|
cd /var/www/repositories/$repo_name
|
||||||
|
|
||||||
|
echo "Trigger : ${hook_origin}"
|
||||||
|
|
||||||
|
if [[ "$hook_origin" == "git" ]]; then
|
||||||
git pull origin prod
|
git pull origin prod
|
||||||
|
fi
|
||||||
|
|
||||||
jq '.scripts |= with_entries(.value |= gsub("\\bnuxt \\b"; "./node_modules/nuxt/bin/nuxt.mjs "))' package.json > temp.json && mv temp.json package.json
|
jq '.scripts |= with_entries(.value |= gsub("\\bnuxt \\b"; "./node_modules/nuxt/bin/nuxt.mjs "))' package.json > temp.json && mv temp.json package.json
|
||||||
|
|
||||||
NUXT_TELEMETRY_DISABLED=1 ; npm install -y
|
node --max-old-space-size=250 `which npm` install -y
|
||||||
npm run build
|
node --max-old-space-size=250 `which npm` run generate --prerender
|
||||||
|
|
||||||
tmux send-keys -t front "cd /var/www/repositories/${repo_name} && node .output/server/index.mjs" C-m
|
rm -r /var/www/html/public
|
||||||
tmux send-keys -t directus "cd ${cms_dir} && npx directus start" C-m
|
cp -r "/var/www/repositories/${repo_name}/.output/public" /var/www/html
|
|
@ -0,0 +1,23 @@
|
||||||
|
#!/bin/bash
|
||||||
|
|
||||||
|
. bin/variables.sh
|
||||||
|
|
||||||
|
echo -e "${PURPLE}${BOLD}Create user${RESET}"
|
||||||
|
|
||||||
|
read -p "Enter username: " username
|
||||||
|
|
||||||
|
if id "$username" &>/dev/null; then
|
||||||
|
echo "User '$username' already exists."
|
||||||
|
exit 1
|
||||||
|
fi
|
||||||
|
|
||||||
|
echo -e "${ORANGE}${BOLD}Generate and store the password somewhere safe${RESET}"
|
||||||
|
read -s -p "Enter password: " password
|
||||||
|
echo
|
||||||
|
useradd -m "$username"
|
||||||
|
chsh -s /bin/bash $username
|
||||||
|
echo "$username:$password" | chpasswd
|
||||||
|
|
||||||
|
usermod -aG sudo $username
|
||||||
|
|
||||||
|
echo -e "${PURPLE}${BOLD}User '$username' created with password successfully.${RESET}"
|
|
@ -0,0 +1,27 @@
|
||||||
|
#!/bin/bash
|
||||||
|
|
||||||
|
install_pkg() {
|
||||||
|
pkg="$1"
|
||||||
|
if ! dpkg -s "$pkg" >/dev/null 2>&1; then
|
||||||
|
apt update && apt install -y "$pkg"
|
||||||
|
echo -e "${PURPLE}${BOLD}${pkg} installed${RESET}"
|
||||||
|
fi
|
||||||
|
}
|
||||||
|
|
||||||
|
get_username() {
|
||||||
|
if [[ -z "$username" ]]; then
|
||||||
|
username=$(getent passwd 1001 | cut -d: -f1)
|
||||||
|
fi
|
||||||
|
}
|
||||||
|
|
||||||
|
get_ip() {
|
||||||
|
if [[ -z "$ip" ]]; then
|
||||||
|
ip=$(hostname -I | cut -d' ' -f1)
|
||||||
|
fi
|
||||||
|
}
|
||||||
|
|
||||||
|
get_ssh_port() {
|
||||||
|
if [[ -z "$ssh_port" ]]; then
|
||||||
|
ssh_port=$(cat /etc/ssh/sshd_config.d/custom.conf | grep "Port " | sed 's/^Port //')
|
||||||
|
fi
|
||||||
|
}
|
|
@ -0,0 +1,38 @@
|
||||||
|
#!/bin/bash
|
||||||
|
|
||||||
|
. bin/variables.sh
|
||||||
|
. bin/functions.sh
|
||||||
|
|
||||||
|
get_ssh_port
|
||||||
|
get_username
|
||||||
|
get_ip
|
||||||
|
|
||||||
|
echo -e "${PURPLE}${BOLD}Import the .tar.gz archive from your local storage${RESET}"
|
||||||
|
echo -e "${PURPLE}The archive should contain the sql dump, the upload directory and the .env file${RESET}"
|
||||||
|
echo -e "${BLUE}scp -P ${ssh_port} /local/path/to/archive.tar.gz ${username}@${ip}:/home/${username}/${RESET}"
|
||||||
|
echo -e "${PURPLE}${BOLD}Press any key when done${RESET}"
|
||||||
|
read
|
||||||
|
|
||||||
|
directus_archive=$(ls /home/${username}/*.tar.gz);
|
||||||
|
|
||||||
|
tar -xzf "${directus_archive}" -C "${CMS_DIRECTORY}" --strip-components=2
|
||||||
|
rm "${directus_archive}"
|
||||||
|
|
||||||
|
sed -i "s/^\(DB_PASSWORD=\)'.*'$/\1'$DB_DIRECTUS_PASSWORD'/" "${CMS_DIRECTORY}/.env"
|
||||||
|
|
||||||
|
port=$(cat ${CMS_DIRECTORY}/.env | grep "^PORT=" | sed 's/^PORT=//')
|
||||||
|
sql_dump=$(ls ${CMS_DIRECTORY}/*.sql)
|
||||||
|
|
||||||
|
install_pkg expect
|
||||||
|
mariadb -u directus -p"$DB_DIRECTUS_PASSWORD" directus < "$sql_dump"
|
||||||
|
rm $sql_dump
|
||||||
|
chown -R www-data:www-data $CMS_DIRECTORY
|
||||||
|
|
||||||
|
su -s /bin/bash -c "cd ${CMS_DIRECTORY} &&\
|
||||||
|
npm init -y &&\
|
||||||
|
npx directus bootstrap --skipAdminInit &&\
|
||||||
|
npx directus database migrate:latest
|
||||||
|
tmux new-session -d -s directus &&\
|
||||||
|
tmux send-keys -t directus \"cd ${CMS_DIRECTORY} && npx directus start\" C-m" www-data
|
||||||
|
|
||||||
|
echo -e "${PURPLE}Directus launched with imported database${RESET}"
|
|
@ -0,0 +1,19 @@
|
||||||
|
#!/bin/bash
|
||||||
|
|
||||||
|
. bin/variables.sh
|
||||||
|
. bin/functions.sh
|
||||||
|
|
||||||
|
if systemctl is-enabled apache2 >/dev/null 2>&1; then
|
||||||
|
systemctl disable --now apache2
|
||||||
|
fi
|
||||||
|
|
||||||
|
install_pkg debian-keyring
|
||||||
|
install_pkg debian-archive-keyring
|
||||||
|
install_pkg apt-transport-https
|
||||||
|
install_pkg curl
|
||||||
|
curl -1sLf 'https://dl.cloudsmith.io/public/caddy/stable/gpg.key' | gpg --dearmor -o /usr/share/keyrings/caddy-stable-archive-keyring.gpg
|
||||||
|
curl -1sLf 'https://dl.cloudsmith.io/public/caddy/stable/debian.deb.txt' | tee /etc/apt/sources.list.d/caddy-stable.list
|
||||||
|
install_pkg caddy
|
||||||
|
> /etc/caddy/Caddyfile
|
||||||
|
|
||||||
|
echo -e "${PURPLE}${BOLD}Caddy Webserver installed${RESET}"
|
|
@ -0,0 +1,27 @@
|
||||||
|
#!/bin/bash
|
||||||
|
|
||||||
|
. bin/variables.sh
|
||||||
|
. bin/functions.sh
|
||||||
|
|
||||||
|
install_pkg tmux
|
||||||
|
|
||||||
|
if [[ -z "$DB_DIRECTUS_PASSWORD" ]]; then
|
||||||
|
echo -e "${PURPLE}${BOLD}Enter the MariaDB Directus password : ${RESET}"
|
||||||
|
read -s DB_DIRECTUS_PASSWORD
|
||||||
|
echo
|
||||||
|
fi
|
||||||
|
|
||||||
|
if [[ -z "$CMS_DIRECTORY" ]]; then
|
||||||
|
. bin/set_url.sh
|
||||||
|
fi
|
||||||
|
|
||||||
|
echo "set -g default-shell /bin/sh" >> /etc/tmux.conf
|
||||||
|
su -s /bin/bash -c "mkdir ${CMS_DIRECTORY}" www-data
|
||||||
|
|
||||||
|
echo -e "${PURPLE}${BOLD}Import the Directus database ? (y/N) ${RESET}"
|
||||||
|
read answer
|
||||||
|
if [[ "$answer" == "y" ]]; then
|
||||||
|
. bin/import_directus_db.sh
|
||||||
|
else
|
||||||
|
. bin/setup_directus.sh
|
||||||
|
fi
|
|
@ -0,0 +1,40 @@
|
||||||
|
#!/bin/bash
|
||||||
|
|
||||||
|
# Automate mysql secure installation for debian-based systems
|
||||||
|
# https://gist.github.com/coderua/5592d95970038944d099
|
||||||
|
|
||||||
|
. bin/variables.sh
|
||||||
|
. bin/functions.sh
|
||||||
|
|
||||||
|
install_pkg mariadb-server
|
||||||
|
echo -e "${ORANGE}${BOLD}Generate and store the password somewhere safe${RESET}"
|
||||||
|
echo -e "${PURPLE}${BOLD}Enter the MariaDB root password : ${RESET}"
|
||||||
|
read -s DB_ROOT_PASSWORD
|
||||||
|
echo
|
||||||
|
install_pkg expect
|
||||||
|
secure_mysql=$(expect -c "
|
||||||
|
set timeout 3
|
||||||
|
spawn mysql_secure_installation
|
||||||
|
expect \"Enter current password for root (enter for none):\"
|
||||||
|
send \"\r\"
|
||||||
|
expect \"Switch to unix_socket authentication \\[Y/n\\]\"
|
||||||
|
send \"n\r\"
|
||||||
|
expect \"Change the root password? \\[Y/n\\]\"
|
||||||
|
send \"y\r\"
|
||||||
|
expect \"New password:\"
|
||||||
|
send \"$DB_ROOT_PASSWORD\r\"
|
||||||
|
expect \"Re-enter new password:\"
|
||||||
|
send \"$DB_ROOT_PASSWORD\r\"
|
||||||
|
expect \"Remove anonymous users?\"
|
||||||
|
send \"y\r\"
|
||||||
|
expect \"Disallow root login remotely?\"
|
||||||
|
send \"y\r\"
|
||||||
|
expect \"Remove test database and access to it?\"
|
||||||
|
send \"y\r\"
|
||||||
|
expect \"Reload privilege tables now?\"
|
||||||
|
send \"y\r\"
|
||||||
|
expect eof
|
||||||
|
")
|
||||||
|
echo "${secure_mysql}"
|
||||||
|
|
||||||
|
echo -e "${PURPLE}MariaDB is installed and secure${RESET}"
|
|
@ -0,0 +1,22 @@
|
||||||
|
#!/bin/bash
|
||||||
|
|
||||||
|
. bin/variables.sh
|
||||||
|
. bin/functions.sh
|
||||||
|
|
||||||
|
touch /var/www/.bashrc
|
||||||
|
mkdir /var/www/.nvm
|
||||||
|
mkdir /var/www/.npm
|
||||||
|
chown -R www-data:www-data /var/www
|
||||||
|
|
||||||
|
install_pkg build-essential
|
||||||
|
|
||||||
|
su -s /bin/bash -c 'curl -o- https://raw.githubusercontent.com/nvm-sh/nvm/v0.39.7/install.sh | bash &&\
|
||||||
|
export NVM_DIR="$HOME/.nvm" &&\
|
||||||
|
[ -s "$NVM_DIR/nvm.sh" ] && \. "$NVM_DIR/nvm.sh" &&\
|
||||||
|
[ -s "$NVM_DIR/bash_completion" ] && \. "$NVM_DIR/bash_completion" &&\
|
||||||
|
nvm install v18' www-data
|
||||||
|
ln -sf /var/www/.nvm/versions/node/v18.*/bin/node /usr/bin/node
|
||||||
|
ln -sf /var/www/.nvm/versions/node/v18.*/bin/npm /usr/bin/npm
|
||||||
|
ln -sf /var/www/.nvm/versions/node/v18.*/bin/npx /usr/bin/npx
|
||||||
|
|
||||||
|
echo -e "${PURPLE}Node installed${RESET}";
|
|
@ -0,0 +1,20 @@
|
||||||
|
#!/bin/bash
|
||||||
|
|
||||||
|
. bin/variables.sh
|
||||||
|
. bin/functions.sh
|
||||||
|
|
||||||
|
echo -e "${PURPLE}${BOLD}Enter the domain name of the website${RESET}"
|
||||||
|
read DOMAIN_NAME
|
||||||
|
get_ip
|
||||||
|
|
||||||
|
echo -e "${PURPLE}${BOLD}Configure the ${DOMAIN_NAME} DNS ZONE as the following${RESET}"
|
||||||
|
echo -e "${BLUE}Domain : ${DOMAIN_NAME} | Type : A | Target : ${ip}${RESET}"
|
||||||
|
echo -e "${BLUE}Domain : cms.${DOMAIN_NAME} | Type : A | Target : ${ip}${RESET}"
|
||||||
|
echo -e "${BLUE}Domain : www.${DOMAIN_NAME} | Type : A | Target : ${ip}${RESET}"
|
||||||
|
echo -e "${PURPLE}${BOLD}Press any key when done${RESET}"
|
||||||
|
read
|
||||||
|
|
||||||
|
repo_directory="/var/www/repositories"
|
||||||
|
mkdir $repo_directory
|
||||||
|
chown www-data:www-data $repo_directory
|
||||||
|
CMS_DIRECTORY="${repo_directory}/cms_${DOMAIN_NAME}"
|
|
@ -0,0 +1,82 @@
|
||||||
|
#!/bin/bash
|
||||||
|
|
||||||
|
. bin/variables.sh
|
||||||
|
. bin/functions.sh
|
||||||
|
|
||||||
|
echo -e "${ORANGE}${BOLD}Generate and store the credentials somewhere safe${RESET}"
|
||||||
|
echo -e "${PURPLE}${BOLD}Enter the Directus admin email : ${RESET}"
|
||||||
|
read directus_admin_email
|
||||||
|
echo -e "${PURPLE}${BOLD}Enter the Directus admin password : ${RESET}"
|
||||||
|
read -s directus_admin_password
|
||||||
|
|
||||||
|
env_file="${CMS_DIRECTORY}/.env"
|
||||||
|
port=8055
|
||||||
|
|
||||||
|
key=$(head -c 16 /dev/urandom | od -An -tx1 | tr -d ' \n')
|
||||||
|
secret=$(head -c 16 /dev/urandom | od -An -tx1 | tr -d ' \n')
|
||||||
|
|
||||||
|
su -s /bin/bash -c "mkdir ${CMS_DIRECTORY} &&\
|
||||||
|
mkdir ${CMS_DIRECTORY}/uploads &&\
|
||||||
|
echo \"HOST='${ip}'\" >> ${env_file} &&\
|
||||||
|
echo \"PORT=${port}\" >> ${env_file} &&\
|
||||||
|
echo \"PUBLIC_URL='https://cms.${DOMAIN_NAME}'\" >> ${env_file} &&\
|
||||||
|
echo \"DB_CLIENT='mysql'\" >> ${env_file} &&\
|
||||||
|
echo \"DB_HOST='127.0.0.1'\" >> ${env_file} &&\
|
||||||
|
echo \"DB_PORT='3306'\" >> ${env_file} &&\
|
||||||
|
echo \"DB_DATABASE='directus'\" >> ${env_file} &&\
|
||||||
|
echo \"DB_USER='directus'\" >> ${env_file} &&\
|
||||||
|
echo \"DB_PASSWORD='${DB_DIRECTUS_PASSWORD}'\" >> ${env_file} &&\
|
||||||
|
echo \"SECRET='${secret}'\" >> ${env_file} &&\
|
||||||
|
echo \"KEY='${key}'\" >> ${env_file} &&\
|
||||||
|
echo \"CORS_ENABLED='true'\" >> ${env_file} &&\
|
||||||
|
echo \"CORS_ORIGIN='true'\" >> ${env_file} &&\
|
||||||
|
echo \"IMPORT_IP_DENY_LIST=\" >> ${env_file} &&\
|
||||||
|
cd ${CMS_DIRECTORY} &&\
|
||||||
|
npm init -y &&\
|
||||||
|
npx directus bootstrap --skipAdminInit &&\
|
||||||
|
tmux new-session -d -s directus &&\
|
||||||
|
tmux send-keys -t directus \"cd ${CMS_DIRECTORY} && npx directus start\" C-m &&\
|
||||||
|
npx directus roles create --role Administrator --admin true &&\
|
||||||
|
npx directus roles create --role Website &&\
|
||||||
|
npx directus roles create --role User" www-data
|
||||||
|
|
||||||
|
admin_role_uuid=$(echo $(mariadb -u directus -p${DB_DIRECTUS_PASSWORD} \
|
||||||
|
-e "SELECT id FROM directus.directus_roles WHERE name='Administrator'") | awk '{print $2}')
|
||||||
|
website_role_uuid=$(echo $(mariadb -u directus -p${DB_DIRECTUS_PASSWORD} \
|
||||||
|
-e "SELECT id FROM directus.directus_roles WHERE name='Website'") | awk '{print $2}')
|
||||||
|
user_role_uuid=$(echo $(mariadb -u directus -p${DB_DIRECTUS_PASSWORD} \
|
||||||
|
-e "SELECT id FROM directus.directus_roles WHERE name='User'") | awk '{print $2}')
|
||||||
|
|
||||||
|
website_password=$(head -c 16 /dev/urandom | od -An -tx1 | tr -d ' \n')
|
||||||
|
|
||||||
|
su -s /bin/bash -c "cd ${CMS_DIRECTORY} &&\
|
||||||
|
npx directus users create --email \"${directus_admin_email}\" \
|
||||||
|
--password \"${directus_admin_password}\" --role \"${admin_role_uuid}\" &&\
|
||||||
|
npx directus users create --email \"website@${DOMAIN_NAME}\" --password \"${website_password}\" --role \"${website_role_uuid}\"" www-data
|
||||||
|
|
||||||
|
website_token=$(head -c 16 /dev/urandom | od -An -tx1 | tr -d ' \n')
|
||||||
|
mariadb -u directus -p${DB_DIRECTUS_PASSWORD} -e "UPDATE directus.directus_roles SET icon='robot' WHERE name='Website'";
|
||||||
|
mariadb -u directus -p${DB_DIRECTUS_PASSWORD} -e "UPDATE directus.directus_roles SET app_access='0' WHERE name='Website'";
|
||||||
|
mariadb -u directus -p${DB_DIRECTUS_PASSWORD} -e "UPDATE directus.directus_users SET token=\"${website_token}\" WHERE email=\"website@${DOMAIN_NAME}\"";
|
||||||
|
|
||||||
|
echo -e "${PURPLE}${BOLD}Import Directus data model ? (y/N) ${RESET}"
|
||||||
|
read answer
|
||||||
|
if [[ "$answer" == "y" ]]; then
|
||||||
|
get_username
|
||||||
|
get_ip
|
||||||
|
get_ssh_port
|
||||||
|
|
||||||
|
echo -e "${PURPLE}${BOLD}Import local Directus data model${RESET}"
|
||||||
|
echo -e "${BLUE}npx directus schema snapshot ./snapshot.yaml${RESET}"
|
||||||
|
echo -e "${BLUE}scp -P ${ssh_port} /local/path/to/snapshot.yaml ${username}@${ip}:/home/${username}/snapshot.yaml${RESET}"
|
||||||
|
echo -e "${PURPLE}${BOLD}Press any key when done${RESET}"
|
||||||
|
read
|
||||||
|
|
||||||
|
su -s /bin/bash -c "cd ${CMS_DIRECTORY} &&\
|
||||||
|
npx directus schema apply --yes /home/${username}/snapshot.yaml" www-data
|
||||||
|
fi
|
||||||
|
|
||||||
|
echo -e "${PURPLE}${BOLD}You can now add some content${RESET}"
|
||||||
|
echo -e "${ORANGE}${BOLD}Do not forget to set the permissions${RESET}"
|
||||||
|
echo -e "${ORANGE}${BOLD}Website role ${RESET}${ORANGE}Read content collections and directus_files${RESET}"
|
||||||
|
echo -e "${ORANGE}${BOLD}User role ${RESET}${ORANGE}All permissions on content collections, directus_files and directus_folders${RESET}"
|
|
@ -0,0 +1,35 @@
|
||||||
|
#!/bin/bash
|
||||||
|
|
||||||
|
. bin/variables.sh
|
||||||
|
. bin/functions.sh
|
||||||
|
|
||||||
|
if ! dpkg -s mariadb-server >/dev/null 2>&1; then
|
||||||
|
. bin/install_mariadb.sh
|
||||||
|
fi
|
||||||
|
|
||||||
|
echo -e "${ORANGE}${BOLD}Generate and store the password somewhere safe${RESET}"
|
||||||
|
echo -e "${PURPLE}${BOLD}Enter the MariaDB Directus password : ${RESET}"
|
||||||
|
read -s DB_DIRECTUS_PASSWORD
|
||||||
|
echo
|
||||||
|
if [[ -z "$DB_ROOT_PASSWORD" ]]; then
|
||||||
|
echo -e "${PURPLE}${BOLD}Enter the MariaDB root password : ${RESET}"
|
||||||
|
read -s DB_ROOT_PASSWORD
|
||||||
|
echo
|
||||||
|
fi
|
||||||
|
install_pkg expect
|
||||||
|
create_directus_db=$(expect -c "
|
||||||
|
spawn mariadb -u root -p
|
||||||
|
expect \"Enter password:\"
|
||||||
|
send \"$DB_ROOT_PASSWORD\r\"
|
||||||
|
expect \"mysql>\"
|
||||||
|
send \"CREATE USER 'directus'@'localhost' IDENTIFIED BY '${DB_DIRECTUS_PASSWORD}';\r\"
|
||||||
|
send \"CREATE DATABASE directus;\r\"
|
||||||
|
send \"GRANT ALL PRIVILEGES ON directus.* TO 'directus'@'localhost' IDENTIFIED BY '${DB_DIRECTUS_PASSWORD}';\r\"
|
||||||
|
send \"FLUSH PRIVILEGES;\r\"
|
||||||
|
expect \"mysql>\"
|
||||||
|
send \"quit;\r\"
|
||||||
|
expect eof
|
||||||
|
")
|
||||||
|
echo "${create_directus_db}" >& /dev/null
|
||||||
|
|
||||||
|
echo -e "${PURPLE}Directus database created${RESET}"
|
|
@ -0,0 +1,15 @@
|
||||||
|
#!/bin/bash
|
||||||
|
|
||||||
|
. bin/variables.sh
|
||||||
|
. bin/functions.sh
|
||||||
|
|
||||||
|
echo -e "${PURPLE}${BOLD}Setup Firewall and Fail2ban${RESET}"
|
||||||
|
install_pkg ufw
|
||||||
|
install_pkg fail2ban
|
||||||
|
systemctl enable fail2ban
|
||||||
|
get_ssh_port
|
||||||
|
ufw allow $ssh_port
|
||||||
|
ufw allow http
|
||||||
|
ufw allow https
|
||||||
|
|
||||||
|
echo -e "${PURPLE}Firewall and Fail2ban are setup${RESET}"
|
|
@ -0,0 +1,15 @@
|
||||||
|
#!/bin/bash
|
||||||
|
|
||||||
|
. bin/variables.sh
|
||||||
|
|
||||||
|
echo -e "${PURPLE}${BOLD}Setup SSH${RESET}"
|
||||||
|
|
||||||
|
ssh_port=$((RANDOM % (65536 - 1024 + 1) + 1024))
|
||||||
|
|
||||||
|
touch /etc/ssh/sshd_config.d/custom.conf
|
||||||
|
echo "PermitRootLogin no" >> /etc/ssh/sshd_config.d/custom.conf
|
||||||
|
echo "PermitEmptyPasswords no" >> /etc/ssh/sshd_config.d/custom.conf
|
||||||
|
echo "Port ${ssh_port}" >> /etc/ssh/sshd_config.d/custom.conf
|
||||||
|
systemctl reload ssh
|
||||||
|
|
||||||
|
echo -e "${ORANGE}${BOLD}Store the ssh port ${ssh_port} somewhere safe${RESET}"
|
|
@ -0,0 +1,14 @@
|
||||||
|
#!/bin/bash
|
||||||
|
|
||||||
|
# Texts layout
|
||||||
|
PURPLE='\033[35m'
|
||||||
|
ORANGE='\033[33m'
|
||||||
|
BLUE='\033[34m'
|
||||||
|
BOLD='\033[1m'
|
||||||
|
RESET='\033[0m'
|
||||||
|
|
||||||
|
DB_ROOT_PASSWORD=""
|
||||||
|
DB_DIRECTUS_PASSWORD=""
|
||||||
|
|
||||||
|
DOMAIN_NAME=""
|
||||||
|
CMS_DIRECTORY=""
|
11
install.sh
11
install.sh
|
@ -258,6 +258,10 @@ if [[ "$answer" == "y" ]]; then
|
||||||
echo "set -g default-shell /bin/sh" >> /etc/tmux.conf
|
echo "set -g default-shell /bin/sh" >> /etc/tmux.conf
|
||||||
su -s /bin/bash -c "mkdir ${cms_directory}" www-data
|
su -s /bin/bash -c "mkdir ${cms_directory}" www-data
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
echo -e "${PURPLE}${BOLD}Import the Directus database ? (y/N) ${RESET}"
|
echo -e "${PURPLE}${BOLD}Import the Directus database ? (y/N) ${RESET}"
|
||||||
read answer
|
read answer
|
||||||
if [[ "$answer" == "y" ]]; then
|
if [[ "$answer" == "y" ]]; then
|
||||||
|
@ -322,6 +326,7 @@ if [[ "$answer" == "y" ]]; then
|
||||||
echo \"KEY='${key}'\" >> ${env_file} &&\
|
echo \"KEY='${key}'\" >> ${env_file} &&\
|
||||||
echo \"CORS_ENABLED='true'\" >> ${env_file} &&\
|
echo \"CORS_ENABLED='true'\" >> ${env_file} &&\
|
||||||
echo \"CORS_ORIGIN='true'\" >> ${env_file} &&\
|
echo \"CORS_ORIGIN='true'\" >> ${env_file} &&\
|
||||||
|
echo \"IMPORT_IP_DENY_LIST=\" >> ${env_file} &&\
|
||||||
cd ${cms_directory} &&\
|
cd ${cms_directory} &&\
|
||||||
npm init -y &&\
|
npm init -y &&\
|
||||||
npx directus bootstrap --skipAdminInit &&\
|
npx directus bootstrap --skipAdminInit &&\
|
||||||
|
@ -423,6 +428,8 @@ if [[ "$answer" == "y" ]]; then
|
||||||
node --max-old-space-size=250 `which npm` run generate --prerender" www-data
|
node --max-old-space-size=250 `which npm` run generate --prerender" www-data
|
||||||
|
|
||||||
cp -r "${front_directory}/.output/public" /var/www/html
|
cp -r "${front_directory}/.output/public" /var/www/html
|
||||||
|
chown -R www-data:www-data /var/www/html/public
|
||||||
|
|
||||||
|
|
||||||
caddyfile="/etc/caddy/Caddyfile"
|
caddyfile="/etc/caddy/Caddyfile"
|
||||||
echo "www.${domain_name} {" >> $caddyfile
|
echo "www.${domain_name} {" >> $caddyfile
|
||||||
|
@ -454,8 +461,8 @@ if [[ "$answer" == "y" ]]; then
|
||||||
cp ./assets/webhook.sh /var/www/webhook
|
cp ./assets/webhook.sh /var/www/webhook
|
||||||
chown www-data:www-data /var/www/webhook/webhook.sh
|
chown www-data:www-data /var/www/webhook/webhook.sh
|
||||||
chmod u+x /var/www/webhook/webhook.sh
|
chmod u+x /var/www/webhook/webhook.sh
|
||||||
touch /var/www/webhook/webhook.log
|
mkdir /var/www/webhook/logs
|
||||||
chown www-data:www-data /var/www/webhook/webhook.log
|
chown www-data:www-data /var/www/webhook/logs
|
||||||
|
|
||||||
head -n $(($(wc -l < $caddyfile) - 2)) $caddyfile > temp_Caddyfile && mv temp_Caddyfile $caddyfile
|
head -n $(($(wc -l < $caddyfile) - 2)) $caddyfile > temp_Caddyfile && mv temp_Caddyfile $caddyfile
|
||||||
echo "handle /webhook.php {" >> $caddyfile
|
echo "handle /webhook.php {" >> $caddyfile
|
||||||
|
|
|
@ -0,0 +1,78 @@
|
||||||
|
#!/bin/bash
|
||||||
|
|
||||||
|
. bin/functions.sh
|
||||||
|
. bin/variables.sh
|
||||||
|
|
||||||
|
echo -e "${PURPLE}${BOLD}Deployment Debian + Caddy + Directus + Nuxt${RESET}"
|
||||||
|
|
||||||
|
if [ "$EUID" -ne 0 ]; then
|
||||||
|
echo "Please run as root"
|
||||||
|
exit
|
||||||
|
fi
|
||||||
|
|
||||||
|
# A ENVOYER AU WEBHOOK
|
||||||
|
install_pkg php
|
||||||
|
install_pkg php-fpm
|
||||||
|
|
||||||
|
# USER
|
||||||
|
echo -e "${PURPLE}${BOLD}Create a user ? (y/N) ${RESET}"
|
||||||
|
read answer
|
||||||
|
if [[ "$answer" == "y" ]]; then
|
||||||
|
. bin/create_user.sh
|
||||||
|
fi
|
||||||
|
|
||||||
|
# SSH
|
||||||
|
echo -e "${PURPLE}${BOLD}Setup SSH ? (y/N) ${RESET}"
|
||||||
|
read answer
|
||||||
|
if [[ "$answer" == "y" ]]; then
|
||||||
|
. bin/setup_ssh.sh
|
||||||
|
fi
|
||||||
|
|
||||||
|
# FIREWALL AND FAIL2BAN
|
||||||
|
echo -e "${PURPLE}${BOLD}Setup Firewall and Fail2ban ? (y/N) ${RESET}"
|
||||||
|
read answer
|
||||||
|
if [[ "$answer" == "y" ]]; then
|
||||||
|
. bin/setup_firewall_fail2ban.sh
|
||||||
|
fi
|
||||||
|
|
||||||
|
# CADDY
|
||||||
|
echo -e "${PURPLE}${BOLD}Install Caddy webserver ? (y/N) ${RESET}"
|
||||||
|
read answer
|
||||||
|
if [[ "$answer" == "y" ]]; then
|
||||||
|
. bin/install_caddy.sh
|
||||||
|
fi
|
||||||
|
|
||||||
|
# MARIADB
|
||||||
|
echo -e "${PURPLE}${BOLD}Install MariaDB ? (y/N) ${RESET}"
|
||||||
|
read answer
|
||||||
|
if [[ "$answer" == "y" ]]; then
|
||||||
|
. bin/install_mariadb.sh
|
||||||
|
fi
|
||||||
|
|
||||||
|
# DIRECTUS DB
|
||||||
|
echo -e "${PURPLE}${BOLD}Setup Directus database ? (y/N) ${RESET}"
|
||||||
|
read answer
|
||||||
|
if [[ "$answer" == "y" ]]; then
|
||||||
|
. bin/setup_directus_db.sh
|
||||||
|
fi
|
||||||
|
|
||||||
|
# NODE
|
||||||
|
echo -e "${PURPLE}${BOLD}Install Node ? (y/N) ${RESET}"
|
||||||
|
read answer
|
||||||
|
if [[ "$answer" == "y" ]]; then
|
||||||
|
. bin/install_node.sh
|
||||||
|
fi
|
||||||
|
|
||||||
|
# SET URL
|
||||||
|
echo -e "${PURPLE}${BOLD}Set url ? (y/N) ${RESET}"
|
||||||
|
read answer
|
||||||
|
if [[ "$answer" == "y" ]]; then
|
||||||
|
. bin/set_url.sh
|
||||||
|
fi
|
||||||
|
|
||||||
|
# INSTALL DIRECTUS
|
||||||
|
echo -e "${PURPLE}${BOLD}Install Directus ? (y/N) ${RESET}"
|
||||||
|
read answer
|
||||||
|
if [[ "$answer" == "y" ]]; then
|
||||||
|
. bin/install_directus.sh
|
||||||
|
fi
|
Loading…
Reference in New Issue