Refine setup script for dev and prod environment

2de7b35d · Nils Mittler · 0f591c76 · 2de7b35d · 2de7b35d · 2de7b35d
Commit 2de7b35d authored Dec 08, 2021 by Nils Mittler 🕵🏼
--- a/configs/nginx.dev
+++ b/configs/nginx.dev
@@ -4,9 +4,8 @@ map $http_upgrade $connection_upgrade {
 }

 server {
-  listen 80;
-  listen [::]:80;
-  server_name _;
+  listen 4200;
+  server_name localhost;

  root /var/www/frag.jetzt;

@@ -46,7 +45,7 @@ server {
    ##########################
    # SET YOUR AUTH KEY HERE #
    ##########################
-    proxy_set_header "Authorization" "DeepL-Auth-Key <auth_key-goes-here>";
+    proxy_set_header "Authorization" "DeepL-Auth-Key :DEEPL_AUTH_KEY";
  }

  location ^~ /antworte-jetzt {

--- a/docker-compose.yml
+++ b/docker-compose.yml
@@ -21,6 +21,7 @@ services:
    networks:
      - fragjetzt
    volumes:
+      - fragjetzt-rabbitmq-data:/var/lib/rabbitmq
      - ./configs/rabbitmq_plugins:/etc/rabbitmq/enabled_plugins

  email:
@@ -70,11 +71,11 @@ services:
    networks:
      - fragjetzt

+networks:
+  fragjetzt:
+
 volumes:
  fragjetzt-psql-data:
    name: fragjetzt-psql-data
-
-networks:
-  fragjetzt:
-    name: fragjetzt
-    driver: bridge
+  fragjetzt-rabbitmq-data:
+    name: fragjetzt-rabbitmq-data
--- a/override-services/backend.dev
+++ b/override-services/backend.dev
+
  backend:
    ports:
      - '127.0.0.1:8888:8888'
--- a/override-services/email.dev
+++ b/override-services/email.dev
+
  email:
    image: mailhog/mailhog
    hostname: fragjetzt-mailhog

--- a/override-services/frontend.dev
+++ b/override-services/frontend.dev
+
  frontend:
    ports:
-      - '127.0.0.1:80:80'
+      - '127.0.0.1:4200:4200'
--- a/override-services/frontend.prod
+++ b/override-services/frontend.prod
+
  frontend:
+    networks:
+      - fragjetzt
+      - proxy
    ports:
      - '0.0.0.0:80:80'
      - '0.0.0.0:443:443'

--- a/override-modules/head
+++ b/override-modules/head
+version: '3'
+
+services:
--- a/override-modules/networks.dev
+++ b/override-modules/networks.dev
+
+networks:
--- a/override-modules/networks.prod
+++ b/override-modules/networks.prod
+
+networks:
+  fragjetzt:
+    name: fragjetzt-internal-network
+    driver: bridge
+    internal: true
+  proxy:
+    name: fragjetzt-proxy-network
+    driver: bridge
+    internal: false
--- a/override-modules/postgres.dev
+++ b/override-modules/postgres.dev
+
+  postgres:
+    ports:
+      - '127.0.0.1:5432:5432'
--- a/override-services/rabbitmq.dev
+++ b/override-services/rabbitmq.dev
+
  rabbitmq:
    image: rabbitmq:3.8-management
    ports:

--- a/override-services/service.disabled
+++ b/override-services/service.disabled
+
  :SERVICE:
    image: busybox:1
    hostname: fragjetzt-:SERVICE-disabled

--- a/override-modules/volumes.dev
+++ b/override-modules/volumes.dev
+
+volumes:
+  fragjetzt-maildir:
+    name: fragjetzt-maildir
--- a/override-modules/volumes.prod
+++ b/override-modules/volumes.prod
+
+volumes:
--- a/override-services/ws-gateway.dev
+++ b/override-services/ws-gateway.dev
+
  ws-gateway:
    ports:
      - '127.0.0.1:8080:8080'
--- a/setup.sh
+++ b/setup.sh
@@ -7,114 +7,210 @@ set -e
 cd "$(dirname $0)"
 WORKDIR="$(pwd)"

+function main {
+
+  # Read Input
+  while true; do
+    case "$1" in
+
+      # GENERAL SECTION
+      --recreate-env )
+        RECREATE_ENV=true; shift ;;
+      --deepl-key )
+        [ -z ${2} ] && echo "No deepl key given."
+        DEEPL_KEY="${2}"; shift 2 ;;
+
+      # DISABLE SERVICES SECTION
+      --no-backend )
+        NO_BACKEND=true; shift ;;
+      --no-frontend )
+        NO_FRONTEND=true; shift ;;
+      --no-ws-gateway )
+        NO_WS_GATEWAY=true; shift ;;
+      --no-email )
+        NO_EMAIL=true; shift ;;
+      --no-psql )
+        NO_PSQL=true; shift ;;
+      --no-rabbit )
+        NO_RABBIT=true; shift ;;
+
+      # PRODUCTION SECTION
+      --prod )
+        PROD=true; shift ;;
+      --domain )
+        [ -z ${2} ] && echo "No domain given."
+        DOMAIN="${2}"; shift 2 ;;
+      --ssl-priv-key )
+        [ -z ${2} ] && echo "No priv key location given."
+        SSL_PRIV_KEY="${2}"; shift 2 ;;
+      --ssl-pub-key )
+        [ -z ${2} ] && echo "No pub key location given."
+        SSL_PUB_KEY="${2}"; shift 2 ;;
+
+      # CLOSING SECTION
+      "" ) break ;;
+      * ) echo "unknown option: $1"; exit 1 ;;
+
+    esac
+  done
+
+  # Check if input is set properly for production
+  if [ ! -z ${PROD} ] && (
+    [ -z ${DOMAIN} ] || [ -z ${SSL_PRIV_KEY} ] || [ -z ${SSL_PUB_KEY} ]
+  ); then
+    echo "On or more arguments are missing for production setup. Required:";
+    echo " --domain       (the fully qualified domain name)"
+    echo " --ssl-priv-key (the location of the private ssl key)"
+    echo " --ssl-pub-key  (the location of the public ssl key)"
+  elif [ ! -z ${PROD} ]; then
+    echo "Using production configuration with following values:"
+    echo " - Domain:                ${DOMAIN}"
+    echo " - SSL priv key location: ${SSL_PRIV_KEY}"
+    echo " - SSL pub key location:  ${SSL_PUB_KEY}"
+  fi
+
+  # Create mandatory directories
+  mkdir -p secrets logs/nginx
+
+  # generate environment variables
+  generateEnvironments
+
+  # generate secret variables
+  generateSecrets
+
+  # write out environment files
+  createEnvironments
+
+  # copy configurations
+  createConfigs
+
+  # write out docker compose override file
+  createComposeOverride
+}
+
+# Only generates the environment variables to use later
 function generateEnvironments {
  if [ -z ${PROD} ]; then
-    CURRENT_DOMAIN="localhost"
+    # The DEV variables
+    DOMAIN="localhost"
    LOGGING_LEVEL_ROOT="INFO"
    APP_MAIL_HOST="fragjetzt-mailhog"
+    SERVER_ROOT_URL="http:\/\/${DOMAIN}:4200"
  else
-    read -p "Domain: " CURRENT_DOMAIN
+    # The PROD variables
    LOGGING_LEVEL_ROOT="ERROR"
    APP_MAIL_HOST="fragjetzt-postfix"
+    SERVER_ROOT_URL="https:\/\/${DOMAIN}"
  fi

-  CURRENT_PORT="80"
-  APP_MAIL_SENDER_ADDRESS="postmaster@${CURRENT_DOMAIN}"
-  SERVER_ROOT_URL="http:\/\/${CURRENT_DOMAIN}:${CURRENT_PORT}\/"
-  MAIL_DOMAIN="${CURRENT_DOMAIN}"
-  MAIL_HOST="${CURRENT_DOMAIN}"
-  ALLOWEDORIGINS="http:\/\/${CURRENT_DOMAIN}:${CURRENT_PORT}"
+  APP_MAIL_SENDER_ADDRESS="postmaster@${DOMAIN}"
+  MAIL_DOMAIN="${DOMAIN}"
+  MAIL_HOST="${DOMAIN}"
+  ALLOWEDORIGINS="${SERVER_ROOT_URL}"
 }

+# Only generates the environment variables to use later
 function generateSecrets {
  if [ -z ${PROD} ]; then
+    # The DEV variables
    POSTGRES_SECRET="fragjetzt"
    RABBITMQ_SECRET="guest"
    JWT_SECRET=$(openssl rand --hex 32)
  else
+    # The PROD variables
    POSTGRES_SECRET=$(openssl rand --hex 32)
    RABBITMQ_SECRET=$(openssl rand --hex 32)
    JWT_SECRET=$(openssl rand --hex 32)
  fi
 }

+# Write out the environment files
 function createEnvironments {
+  # Check if env files are present and should be overwritten
+  if [ -f environments/generated.env ] &&  [ -z ${RECREATE_ENV} ]; then
+    echo "Environment is already set and will not be overwritten."
+    echo "Use --recreate-env if you would like to override it."
+    return
+  fi

-  if [ ! -f environments/generated.env ] || [ ! -z ${RECREATE_ENV} ]; then
-
-    # CONFIG ENV
-    for FILE in environments/*.template; do
-      cat "$FILE" | \
-        sed "s/^APP_MAIL_HOST=\$/APP_MAIL_HOST=${APP_MAIL_HOST}/" | \
-        sed "s/^APP_MAIL_SENDER_ADDRESS=\$/APP_MAIL_SENDER_ADDRESS=${APP_MAIL_SENDER_ADDRESS}/" | \
-        sed "s/^SERVER_ROOT_URL=\$/SERVER_ROOT_URL=${SERVER_ROOT_URL}/" | \
-        sed "s/^LOGGING_LEVEL_ROOT=\$/LOGGING_LEVEL_ROOT=${LOGGING_LEVEL_ROOT}/" | \
-        sed "s/^MAIL_DOMAIN=\$/MAIL_DOMAIN=${MAIL_DOMAIN}/" | \
-        sed "s/^MAIL_HOST=\$/MAIL_HOST=${MAIL_HOST}/" | \
-        sed "s/^ALLOWEDORIGINS=\$/ALLOWEDORIGINS=${ALLOWEDORIGINS}/" \
-      > "${FILE%.template}.env";
-    done
-
-
-    # SECRET ENV
-    for FILE in environments/*.template; do
-      sed -i "s/^SPRING_RABBITMQ_PASSWORD=\$/SPRING_RABBITMQ_PASSWORD=${RABBITMQ_SECRET}/" "${FILE%.template}.env"
-      sed -i "s/^RABBITMQ_DEFAULT_PASS=\$/RABBITMQ_DEFAULT_PASS=${RABBITMQ_SECRET}/" "${FILE%.template}.env"
-      sed -i "s/^STOMP_RELAY_PASSWORD=\$/STOMP_RELAY_PASSWORD=${RABBITMQ_SECRET}/" "${FILE%.template}.env"
-      sed -i "s/^RABBITMQ_PASSWORD=\$/RABBITMQ_PASSWORD=${RABBITMQ_SECRET}/" "${FILE%.template}.env"
-      sed -i "s/^SPRING_R2DBC_PASSWORD=\$/SPRING_R2DBC_PASSWORD=${POSTGRES_SECRET}/" "${FILE%.template}.env"
-      sed -i "s/^POSTGRES_PASSWORD=\$/POSTGRES_PASSWORD=${POSTGRES_SECRET}/" "${FILE%.template}.env"
-      sed -i "s/^SPRING_JWT_SECRET=\$/SPRING_JWT_SECRET=${JWT_SECRET}/" "${FILE%.template}.env"
-      sed -i "s/^SECURITY_JWT_SECRET=\$/SECURITY_JWT_SECRET=${JWT_SECRET}/" "${FILE%.template}.env"
+  # Copy all template files to env files
+  for FILE in environments/*.template; do
+    cp "${FILE}" "${FILE%.template}.env"
+  done
+
+  # Set Environment Strings to be substituted
+  ENV_STRINGS="
+    APP_MAIL_HOST=${APP_MAIL_HOST}
+    APP_MAIL_SENDER_ADDRESS=${APP_MAIL_SENDER_ADDRESS}
+    SERVER_ROOT_URL=${SERVER_ROOT_URL}
+    LOGGING_LEVEL_ROOT=${LOGGING_LEVEL_ROOT}
+    MAIL_DOMAIN=${MAIL_DOMAIN}
+    MAIL_HOST=${MAIL_HOST}
+    ALLOWEDORIGINS=${ALLOWEDORIGINS}
+    SPRING_RABBITMQ_PASSWORD=${RABBITMQ_SECRET}
+    RABBITMQ_DEFAULT_PASS=${RABBITMQ_SECRET}
+    STOMP_RELAY_PASSWORD=${RABBITMQ_SECRET}
+    RABBITMQ_PASSWORD=${RABBITMQ_SECRET}
+    SPRING_R2DBC_PASSWORD=${POSTGRES_SECRET}
+    POSTGRES_PASSWORD=${POSTGRES_SECRET}
+    SPRING_JWT_SECRET=${JWT_SECRET}
+    SECURITY_JWT_SECRET=${JWT_SECRET}
+  "
+
+  # Run the substitution
+  for FILE in environments/*.env; do
+    for ENV_STRING in ${ENV_STRINGS}; do
+      sed -i "s/^${ENV_STRING%%=*}=\$/${ENV_STRING%%=*}=${ENV_STRING#*=}/" "${FILE}"
    done
+  done

-    # BUILD ENV
-    ln -fs rabbitmq_plugins.dev configs/rabbitmq_plugins
-
-    date > environments/generated.env
+  # Save the datetime of environment creation
+  date > environments/generated.env
+}

+function createConfigs {
+  if [ -z ${PROD} ]; then
+    cp configs/rabbitmq_plugins.dev configs/rabbitmq_plugins
+    cp configs/nginx.dev configs/nginx.conf
+    cp configs/postfix.dev configs/postfix
+  else
+    cp configs/rabbitmq_plugins.prod configs/rabbitmq_plugins
+    cp configs/nginx.prod configs/nginx.conf
+    cp configs/postfix.prod configs/postfix
  fi
 }

 function createComposeOverride {
-  cat > docker-compose.override.yml <<MODULES
-version: '3.8'
-
-services:
-$(cat override-services/rabbitmq.dev)
-
-$([ -z ${NO_BACKEND} ] && cat override-services/backend.dev || cat override-services/backend.disabled)
-
-$([ -z ${NO_WS_GATEWAY} ] && cat override-services/ws-gateway.dev || cat override-services/ws-gateway.disabled)
-
-$([ -z ${NO_FRONTEND} ] && cat override-services/frontend.dev || cat override-services/frontend.disabled)
+  cat override-modules/head > docker-compose.override.yml

-$([ -z ${NO_EMAIL} ] && cat override-services/email.dev || cat override-services/email.disabled)
+  if [ -z ${PROD} ]; then
+    [ -z ${NO_BACKEND} ]    && override backend.dev     || disable backend
+    [ -z ${NO_FRONTEND} ]   && override frontend.dev    || disable frontend
+    [ -z ${NO_WS_GATEWAY} ] && override ws-gateway.dev  || disable ws-gateway
+    [ -z ${NO_EMAIL} ]      && override email.dev       || disable email
+    [ -z ${NO_PSQL} ]       && override postgres.dev    || disable postgres
+    [ -z ${NO_RABBIT} ]     && override rabbitmq.dev    || disable rabbitmq
+    override networks.dev
+    override volumes.dev
+  else
+    [ -z ${NO_BACKEND} ]                                || disable backend
+    [ -z ${NO_FRONTEND} ]   && override frontend.prod   || disable frontend
+    [ -z ${NO_WS_GATEWAY} ]                             || disable ws-gateway
+    [ -z ${NO_EMAIL} ]                                  || disable email
+    [ -z ${NO_PSQL} ]                                   || disable postgres
+    [ -z ${NO_RABBIT} ]                                 || disable rabbitmq
+    override networks.prod
+    override volumes.prod
+  fi

-volumes:
-  fragjetzt-maildir:
-    name: fragjetzt-maildir
-MODULES
 }

-while true; do
-  case "$1" in
-    --prod ) PROD=true; shift ;;
-    --no-backend ) NO_BACKEND=true; shift ;;
-    --no-frontend ) NO_FRONTEND=true; shift ;;
-    --no-ws-gateway ) NO_WS_GATEWAY=true; shift ;;
-    --no-email ) NO_EMAIL=true; shift ;;
-    --recreate-env ) RECREATE_ENV=true; shift ;;
-    "" ) break ;;
-    * ) echo "unknown option: $1"; exit 1 ;;
-
-  esac
-done
-
-mkdir -p secrets logs/nginx
+function disable {
+  sed "s/:SERVICE/${1}/g" override-modules/service.disabled >> docker-compose.override.yml
+}

-generateEnvironments
-generateSecrets
-createEnvironments
+function override {
+  cat "override-modules/${1}" >> docker-compose.override.yml
+}

-[ -z $PROD ] && createComposeOverride || rm -f docker-compose.override.yml
+main $@
--- a/test
+++ b/test
+
+  email:
+    image: busybox:1
+    hostname: fragjetzt-email-disabled
+    container_name: fragjetzt-email-disabled
+    restart: 'no'
+    depends_on: []
+    entrypoint: '/bin/echo'
+    command: 'Service disabled.'
+
+  email:
+    image: mailhog/mailhog
+    hostname: fragjetzt-mailhog
+    container_name: fragjetzt-mailhog
+    env_file: ./environments/mailhog.env
+    ports:
+      - '127.0.0.1:8025:8025'
+    volumes:
+      - fragjetzt-maildir:/home/mailhog