|
|
@ -29,6 +29,12 @@ get_ip() {
|
|
|
|
fi
|
|
|
|
fi
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
get_ssh_port() {
|
|
|
|
|
|
|
|
if [[ -z "$ssh_port" ]]; then
|
|
|
|
|
|
|
|
ssh_port=$(cat /etc/ssh/sshd_config.d/custom.conf | grep "Port " | sed 's/^Port //')
|
|
|
|
|
|
|
|
fi
|
|
|
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
echo -e "${PURPLE}${BOLD}Deployment Debian + Caddy + Directus + Nuxt${RESET}"
|
|
|
|
echo -e "${PURPLE}${BOLD}Deployment Debian + Caddy + Directus + Nuxt${RESET}"
|
|
|
|
|
|
|
|
|
|
|
|
if [ "$EUID" -ne 0 ]; then
|
|
|
|
if [ "$EUID" -ne 0 ]; then
|
|
|
@ -45,6 +51,10 @@ systemctl disable --now apache2
|
|
|
|
echo -e "${PURPLE}${BOLD}Create a user ? (y/N) ${RESET}"
|
|
|
|
echo -e "${PURPLE}${BOLD}Create a user ? (y/N) ${RESET}"
|
|
|
|
read answer
|
|
|
|
read answer
|
|
|
|
if [[ "$answer" == "y" ]]; then
|
|
|
|
if [[ "$answer" == "y" ]]; then
|
|
|
|
|
|
|
|
if id "debian" &>/dev/null; then
|
|
|
|
|
|
|
|
sudo deluser --remove-home "debian"
|
|
|
|
|
|
|
|
fi
|
|
|
|
|
|
|
|
|
|
|
|
echo -e "${PURPLE}${BOLD}Create user${RESET}"
|
|
|
|
echo -e "${PURPLE}${BOLD}Create user${RESET}"
|
|
|
|
|
|
|
|
|
|
|
|
read -p "Enter username: " username
|
|
|
|
read -p "Enter username: " username
|
|
|
@ -74,10 +84,15 @@ read answer
|
|
|
|
if [[ "$answer" == "y" ]]; then
|
|
|
|
if [[ "$answer" == "y" ]]; then
|
|
|
|
echo -e "${PURPLE}${BOLD}Setup SSH${RESET}"
|
|
|
|
echo -e "${PURPLE}${BOLD}Setup SSH${RESET}"
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
ssh_port=$((RANDOM % (65536 - 1024 + 1) + 1024))
|
|
|
|
|
|
|
|
|
|
|
|
touch /etc/ssh/sshd_config.d/custom.conf
|
|
|
|
touch /etc/ssh/sshd_config.d/custom.conf
|
|
|
|
echo "PermitRootLogin no" >> /etc/ssh/sshd_config.d/custom.conf
|
|
|
|
echo "PermitRootLogin no" >> /etc/ssh/sshd_config.d/custom.conf
|
|
|
|
echo "PermitEmptyPasswords no" >> /etc/ssh/sshd_config.d/custom.conf
|
|
|
|
echo "PermitEmptyPasswords no" >> /etc/ssh/sshd_config.d/custom.conf
|
|
|
|
|
|
|
|
echo "Port ${ssh_port}" >> /etc/ssh/sshd_config.d/custom.conf
|
|
|
|
systemctl reload ssh
|
|
|
|
systemctl reload ssh
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
echo -e "${ORANGE}${BOLD}Store the ssh port ${ssh_port} somewhere safe${RESET}"
|
|
|
|
fi
|
|
|
|
fi
|
|
|
|
|
|
|
|
|
|
|
|
#
|
|
|
|
#
|
|
|
@ -244,62 +259,127 @@ if [[ "$answer" == "y" ]]; then
|
|
|
|
echo
|
|
|
|
echo
|
|
|
|
fi
|
|
|
|
fi
|
|
|
|
|
|
|
|
|
|
|
|
echo -e "${ORANGE}${BOLD}Generate and store the credentials somewhere safe${RESET}"
|
|
|
|
|
|
|
|
echo -e "${PURPLE}${BOLD}Enter the Directus admin email : ${RESET}"
|
|
|
|
|
|
|
|
read directus_admin_email
|
|
|
|
|
|
|
|
echo -e "${PURPLE}${BOLD}Enter the Directus admin password : ${RESET}"
|
|
|
|
|
|
|
|
read -s directus_admin_password
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
env_file="${cms_directory}/.env"
|
|
|
|
|
|
|
|
port=8055
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
key=$(head -c 16 /dev/urandom | od -An -tx1 | tr -d ' \n')
|
|
|
|
|
|
|
|
secret=$(head -c 16 /dev/urandom | od -An -tx1 | tr -d ' \n')
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
echo "set -g default-shell /bin/sh" >> /etc/tmux.conf
|
|
|
|
echo "set -g default-shell /bin/sh" >> /etc/tmux.conf
|
|
|
|
|
|
|
|
su -s /bin/bash -c "mkdir ${cms_directory}" www-data
|
|
|
|
|
|
|
|
|
|
|
|
su -s /bin/bash -c "mkdir ${cms_directory} &&\
|
|
|
|
echo -e "${PURPLE}${BOLD}Import the Directus database ? (y/N) ${RESET}"
|
|
|
|
mkdir ${cms_directory}/uploads &&\
|
|
|
|
read answer
|
|
|
|
echo \"HOST='${ip}'\" >> ${env_file} &&\
|
|
|
|
if [[ "$answer" == "y" ]]; then
|
|
|
|
echo \"PORT=${port}\" >> ${env_file} &&\
|
|
|
|
get_ssh_port
|
|
|
|
echo \"PUBLIC_URL='https://cms.${domain_name}'\" >> ${env_file} &&\
|
|
|
|
get_username
|
|
|
|
echo \"DB_CLIENT='mysql'\" >> ${env_file} &&\
|
|
|
|
get_ip
|
|
|
|
echo \"DB_HOST='127.0.0.1'\" >> ${env_file} &&\
|
|
|
|
|
|
|
|
echo \"DB_PORT='3306'\" >> ${env_file} &&\
|
|
|
|
|
|
|
|
echo \"DB_DATABASE='directus'\" >> ${env_file} &&\
|
|
|
|
|
|
|
|
echo \"DB_USER='directus'\" >> ${env_file} &&\
|
|
|
|
|
|
|
|
echo \"DB_PASSWORD='${db_directus_password}'\" >> ${env_file} &&\
|
|
|
|
|
|
|
|
echo \"SECRET='${secret}'\" >> ${env_file} &&\
|
|
|
|
|
|
|
|
echo \"KEY='${key}'\" >> ${env_file} &&\
|
|
|
|
|
|
|
|
echo \"CORS_ENABLED='true'\" >> ${env_file} &&\
|
|
|
|
|
|
|
|
echo \"CORS_ORIGIN='true'\" >> ${env_file} &&\
|
|
|
|
|
|
|
|
cd ${cms_directory} &&\
|
|
|
|
|
|
|
|
npm init -y &&\
|
|
|
|
|
|
|
|
npx directus bootstrap --skipAdminInit &&\
|
|
|
|
|
|
|
|
tmux new-session -d -s directus &&\
|
|
|
|
|
|
|
|
tmux send-keys -t directus \"cd ${cms_directory} && npx directus start\" C-m &&\
|
|
|
|
|
|
|
|
npx directus roles create --role Administrator --admin true &&\
|
|
|
|
|
|
|
|
npx directus roles create --role Website &&\
|
|
|
|
|
|
|
|
npx directus roles create --role User" www-data
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
admin_role_uuid=$(echo $(mariadb -u directus -p${db_directus_password} \
|
|
|
|
echo -e "${PURPLE}${BOLD}Import the .tar.gz archive from your local storage${RESET}"
|
|
|
|
-e "SELECT id FROM directus.directus_roles WHERE name='Administrator'") | awk '{print $2}')
|
|
|
|
echo -e "${PURPLE}The archive should contain the sql dump, the upload directory and the .env file${RESET}"
|
|
|
|
website_role_uuid=$(echo $(mariadb -u directus -p${db_directus_password} \
|
|
|
|
echo -e "${BLUE}scp -P ${ssh_port} /local/path/to/archive.tar.gz ${username}@${ip}:/home/${username}/${RESET}"
|
|
|
|
-e "SELECT id FROM directus.directus_roles WHERE name='Website'") | awk '{print $2}')
|
|
|
|
echo -e "${PURPLE}${BOLD}Press any key when done${RESET}"
|
|
|
|
user_role_uuid=$(echo $(mariadb -u directus -p${db_directus_password} \
|
|
|
|
read
|
|
|
|
-e "SELECT id FROM directus.directus_roles WHERE name='User'") | awk '{print $2}')
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
website_password=$(head -c 16 /dev/urandom | od -An -tx1 | tr -d ' \n')
|
|
|
|
tar -xzf "/home/${username}/*.tar.gz" -C "${cms_directory}"
|
|
|
|
|
|
|
|
rm "/home/${username}/*.tar.gz"
|
|
|
|
|
|
|
|
|
|
|
|
su -s /bin/bash -c "cd ${cms_directory} &&\
|
|
|
|
sed -i "s/^\(DB_PASSWORD=\)'.*'$/\1'$db_directus_password'/" "${cms_directory}/.env"
|
|
|
|
npx directus users create --email \"${directus_admin_email}\" \
|
|
|
|
|
|
|
|
--password \"${directus_admin_password}\" --role \"${admin_role_uuid}\" &&\
|
|
|
|
|
|
|
|
npx directus users create --email \"website@${domain_name}\" --password \"${website_password}\" --role \"${website_role_uuid}\"" www-data
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
website_token=$(head -c 16 /dev/urandom | od -An -tx1 | tr -d ' \n')
|
|
|
|
port=$(cat ${cms_directory}/.env | grep "^PORT=" | sed 's/^PORT=//')
|
|
|
|
mariadb -u directus -p${db_directus_password} -e "UPDATE directus.directus_roles SET icon='robot' WHERE name='Website'";
|
|
|
|
sql_dump=$(ls ${cms_directory}/*.sql)
|
|
|
|
mariadb -u directus -p${db_directus_password} -e "UPDATE directus.directus_roles SET app_access='0' WHERE name='Website'";
|
|
|
|
|
|
|
|
mariadb -u directus -p${db_directus_password} -e "UPDATE directus.directus_users SET token=\"${website_token}\" WHERE email=\"website@${domain_name}\"";
|
|
|
|
install_pkg expect
|
|
|
|
|
|
|
|
LOAD_DIRECTUS_DB=$(expect -c "
|
|
|
|
|
|
|
|
spawn mariadb -u directus -p directus < $sql_dump
|
|
|
|
|
|
|
|
expect \"Enter password:\"
|
|
|
|
|
|
|
|
send \"$db_directus_password\r\"
|
|
|
|
|
|
|
|
expect eof
|
|
|
|
|
|
|
|
")
|
|
|
|
|
|
|
|
echo "${LOAD_DIRECTUS_DB}" >& /dev/null
|
|
|
|
|
|
|
|
rm $sql_dump
|
|
|
|
|
|
|
|
chown -R www-data:www-data $cms_directory
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
su -s /bin/bash -c "cd ${cms_directory} &&\
|
|
|
|
|
|
|
|
npm init -y &&\
|
|
|
|
|
|
|
|
npx directus bootstrap --skipAdminInit &&\
|
|
|
|
|
|
|
|
npx directus database migrate:latest
|
|
|
|
|
|
|
|
tmux new-session -d -s directus &&\
|
|
|
|
|
|
|
|
tmux send-keys -t directus \"cd ${cms_directory} && npx directus start\" C-m" www-data
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
echo -e "${PURPLE}${BOLD}Directus migration complete${RESET}"
|
|
|
|
|
|
|
|
else
|
|
|
|
|
|
|
|
echo -e "${ORANGE}${BOLD}Generate and store the credentials somewhere safe${RESET}"
|
|
|
|
|
|
|
|
echo -e "${PURPLE}${BOLD}Enter the Directus admin email : ${RESET}"
|
|
|
|
|
|
|
|
read directus_admin_email
|
|
|
|
|
|
|
|
echo -e "${PURPLE}${BOLD}Enter the Directus admin password : ${RESET}"
|
|
|
|
|
|
|
|
read -s directus_admin_password
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
env_file="${cms_directory}/.env"
|
|
|
|
|
|
|
|
port=8055
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
key=$(head -c 16 /dev/urandom | od -An -tx1 | tr -d ' \n')
|
|
|
|
|
|
|
|
secret=$(head -c 16 /dev/urandom | od -An -tx1 | tr -d ' \n')
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
su -s /bin/bash -c "mkdir ${cms_directory} &&\
|
|
|
|
|
|
|
|
mkdir ${cms_directory}/uploads &&\
|
|
|
|
|
|
|
|
echo \"HOST='${ip}'\" >> ${env_file} &&\
|
|
|
|
|
|
|
|
echo \"PORT=${port}\" >> ${env_file} &&\
|
|
|
|
|
|
|
|
echo \"PUBLIC_URL='https://cms.${domain_name}'\" >> ${env_file} &&\
|
|
|
|
|
|
|
|
echo \"DB_CLIENT='mysql'\" >> ${env_file} &&\
|
|
|
|
|
|
|
|
echo \"DB_HOST='127.0.0.1'\" >> ${env_file} &&\
|
|
|
|
|
|
|
|
echo \"DB_PORT='3306'\" >> ${env_file} &&\
|
|
|
|
|
|
|
|
echo \"DB_DATABASE='directus'\" >> ${env_file} &&\
|
|
|
|
|
|
|
|
echo \"DB_USER='directus'\" >> ${env_file} &&\
|
|
|
|
|
|
|
|
echo \"DB_PASSWORD='${db_directus_password}'\" >> ${env_file} &&\
|
|
|
|
|
|
|
|
echo \"SECRET='${secret}'\" >> ${env_file} &&\
|
|
|
|
|
|
|
|
echo \"KEY='${key}'\" >> ${env_file} &&\
|
|
|
|
|
|
|
|
echo \"CORS_ENABLED='true'\" >> ${env_file} &&\
|
|
|
|
|
|
|
|
echo \"CORS_ORIGIN='true'\" >> ${env_file} &&\
|
|
|
|
|
|
|
|
cd ${cms_directory} &&\
|
|
|
|
|
|
|
|
npm init -y &&\
|
|
|
|
|
|
|
|
npx directus bootstrap --skipAdminInit &&\
|
|
|
|
|
|
|
|
tmux new-session -d -s directus &&\
|
|
|
|
|
|
|
|
tmux send-keys -t directus \"cd ${cms_directory} && npx directus start\" C-m &&\
|
|
|
|
|
|
|
|
npx directus roles create --role Administrator --admin true &&\
|
|
|
|
|
|
|
|
npx directus roles create --role Website &&\
|
|
|
|
|
|
|
|
npx directus roles create --role User" www-data
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
admin_role_uuid=$(echo $(mariadb -u directus -p${db_directus_password} \
|
|
|
|
|
|
|
|
-e "SELECT id FROM directus.directus_roles WHERE name='Administrator'") | awk '{print $2}')
|
|
|
|
|
|
|
|
website_role_uuid=$(echo $(mariadb -u directus -p${db_directus_password} \
|
|
|
|
|
|
|
|
-e "SELECT id FROM directus.directus_roles WHERE name='Website'") | awk '{print $2}')
|
|
|
|
|
|
|
|
user_role_uuid=$(echo $(mariadb -u directus -p${db_directus_password} \
|
|
|
|
|
|
|
|
-e "SELECT id FROM directus.directus_roles WHERE name='User'") | awk '{print $2}')
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
website_password=$(head -c 16 /dev/urandom | od -An -tx1 | tr -d ' \n')
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
su -s /bin/bash -c "cd ${cms_directory} &&\
|
|
|
|
|
|
|
|
npx directus users create --email \"${directus_admin_email}\" \
|
|
|
|
|
|
|
|
--password \"${directus_admin_password}\" --role \"${admin_role_uuid}\" &&\
|
|
|
|
|
|
|
|
npx directus users create --email \"website@${domain_name}\" --password \"${website_password}\" --role \"${website_role_uuid}\"" www-data
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
website_token=$(head -c 16 /dev/urandom | od -An -tx1 | tr -d ' \n')
|
|
|
|
|
|
|
|
mariadb -u directus -p${db_directus_password} -e "UPDATE directus.directus_roles SET icon='robot' WHERE name='Website'";
|
|
|
|
|
|
|
|
mariadb -u directus -p${db_directus_password} -e "UPDATE directus.directus_roles SET app_access='0' WHERE name='Website'";
|
|
|
|
|
|
|
|
mariadb -u directus -p${db_directus_password} -e "UPDATE directus.directus_users SET token=\"${website_token}\" WHERE email=\"website@${domain_name}\"";
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
echo -e "${PURPLE}${BOLD}Import Directus data model ? (y/N) ${RESET}"
|
|
|
|
|
|
|
|
read answer
|
|
|
|
|
|
|
|
if [[ "$answer" == "y" ]]; then
|
|
|
|
|
|
|
|
get_username
|
|
|
|
|
|
|
|
get_ip
|
|
|
|
|
|
|
|
get_ssh_port
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
echo -e "${PURPLE}${BOLD}Import local Directus data model${RESET}"
|
|
|
|
|
|
|
|
echo -e "${BLUE}npx directus schema snapshot ./snapshot.yaml${RESET}"
|
|
|
|
|
|
|
|
echo -e "${BLUE}scp -P ${ssh_port} /local/path/to/snapshot.yaml ${username}@${ip}:/home/${username}/snapshot.yaml${RESET}"
|
|
|
|
|
|
|
|
echo -e "${PURPLE}${BOLD}Press any key when done${RESET}"
|
|
|
|
|
|
|
|
read
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
su -s /bin/bash -c "cd ${cms_directory} &&\
|
|
|
|
|
|
|
|
npx directus schema apply --yes /home/${username}/snapshot.yaml" www-data
|
|
|
|
|
|
|
|
fi
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
echo -e "${PURPLE}${BOLD}You can now add some content${RESET}"
|
|
|
|
|
|
|
|
echo -e "${ORANGE}${BOLD}Do not forget to set the permissions${RESET}"
|
|
|
|
|
|
|
|
echo -e "${ORANGE}${BOLD}Website role ${RESET}${ORANGE}Read content collections and directus_files${RESET}"
|
|
|
|
|
|
|
|
echo -e "${ORANGE}${BOLD}User role ${RESET}${ORANGE}All permissions on content collections, directus_files and directus_folders${RESET}"
|
|
|
|
|
|
|
|
fi
|
|
|
|
|
|
|
|
|
|
|
|
caddyfile="/etc/caddy/Caddyfile"
|
|
|
|
caddyfile="/etc/caddy/Caddyfile"
|
|
|
|
echo "cms.${domain_name} {" >> $caddyfile
|
|
|
|
echo "cms.${domain_name} {" >> $caddyfile
|
|
|
@ -308,27 +388,6 @@ if [[ "$answer" == "y" ]]; then
|
|
|
|
caddy fmt $caddyfile -w
|
|
|
|
caddy fmt $caddyfile -w
|
|
|
|
caddy reload -c $caddyfile
|
|
|
|
caddy reload -c $caddyfile
|
|
|
|
|
|
|
|
|
|
|
|
echo -e "${PURPLE}${BOLD}Import Directus data model ? (y/N) ${RESET}"
|
|
|
|
|
|
|
|
read answer
|
|
|
|
|
|
|
|
if [[ "$answer" == "y" ]]; then
|
|
|
|
|
|
|
|
get_username
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
echo -e "${PURPLE}${BOLD}Import local Directus data model${RESET}"
|
|
|
|
|
|
|
|
echo -e "${BLUE}npx directus schema snapshot ./snapshot.yaml${RESET}"
|
|
|
|
|
|
|
|
echo -e "${BLUE}scp /local/path/to/snapshot.yaml ${username}@${ip}:/home/${username}/snapshot.yaml${RESET}"
|
|
|
|
|
|
|
|
echo -e "${PURPLE}${BOLD}Press any key when done${RESET}"
|
|
|
|
|
|
|
|
read
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
su -s /bin/bash -c "cd ${cms_directory} &&\
|
|
|
|
|
|
|
|
npx directus schema apply --yes /home/${username}/snapshot.yaml" www-data
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
fi
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
echo -e "${PURPLE}${BOLD}You can now add some content${RESET}"
|
|
|
|
|
|
|
|
echo -e "${ORANGE}${BOLD}Do not forget to set the permissions${RESET}"
|
|
|
|
|
|
|
|
echo -e "${ORANGE}${BOLD}Website role ${RESET}${ORANGE}Read content collections and directus_files${RESET}"
|
|
|
|
|
|
|
|
echo -e "${ORANGE}${BOLD}User role ${RESET}${ORANGE}All permissions on content collections, directus_files and directus_folders${RESET}"
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
echo -e "${PURPLE}${BOLD}Access Directus ${RESET}${PURPLE}https://cms.${domain_name}${RESET}"
|
|
|
|
echo -e "${PURPLE}${BOLD}Access Directus ${RESET}${PURPLE}https://cms.${domain_name}${RESET}"
|
|
|
|
fi
|
|
|
|
fi
|
|
|
|
|
|
|
|
|
|
|
|