Commit 2de7b35d authored by Nils Mittler's avatar Nils Mittler 🕵🏼

Refine setup script for dev and prod environment

parent 0f591c76
......@@ -4,9 +4,8 @@ map $http_upgrade $connection_upgrade {
}
server {
listen 80;
listen [::]:80;
server_name _;
listen 4200;
server_name localhost;
root /var/www/frag.jetzt;
......@@ -46,7 +45,7 @@ server {
##########################
# SET YOUR AUTH KEY HERE #
##########################
proxy_set_header "Authorization" "DeepL-Auth-Key <auth_key-goes-here>";
proxy_set_header "Authorization" "DeepL-Auth-Key :DEEPL_AUTH_KEY";
}
location ^~ /antworte-jetzt {
......
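Review bot: Nothing visible on this page replaces the `:DEEPL_AUTH_KEY` placeholder in the `Authorization` header: `createConfigs` in the setup script copies `configs/nginx.dev` to `configs/nginx.conf` unchanged, and `DEEPL_KEY` is parsed from `--deepl-key` but never read afterwards. Unless the substitution happens in code outside this page, nginx would forward the literal placeholder to DeepL. A key passed on the command line also ends up in shell history and the process list, so reading it from an environment variable or a file would be the safer input path. Once the key is written into the generated `nginx.conf`, that file should be excluded from version control and created with restrictive permissions. The banner comment above the header still reads "SET YOUR AUTH KEY HERE" and should be updated to say the value is filled in by the setup script.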
......@@ -21,6 +21,7 @@ services:
networks:
- fragjetzt
volumes:
- fragjetzt-rabbitmq-data:/var/lib/rabbitmq
- ./configs/rabbitmq_plugins:/etc/rabbitmq/enabled_plugins
email:
......@@ -70,11 +71,11 @@ services:
networks:
- fragjetzt
networks:
fragjetzt:
volumes:
fragjetzt-psql-data:
name: fragjetzt-psql-data
networks:
fragjetzt:
name: fragjetzt
driver: bridge
fragjetzt-rabbitmq-data:
name: fragjetzt-rabbitmq-data
email:
image: mailhog/mailhog
hostname: fragjetzt-mailhog
......
frontend:
ports:
- '127.0.0.1:80:80'
- '127.0.0.1:4200:4200'
frontend:
networks:
- fragjetzt
- proxy
ports:
- '0.0.0.0:80:80'
- '0.0.0.0:443:443'
......
version: '3'
services:
networks:
fragjetzt:
name: fragjetzt-internal-network
driver: bridge
internal: true
proxy:
name: fragjetzt-proxy-network
driver: bridge
internal: false
postgres:
ports:
- '127.0.0.1:5432:5432'
:SERVICE:
image: busybox:1
hostname: fragjetzt-:SERVICE-disabled
......
volumes:
fragjetzt-maildir:
name: fragjetzt-maildir
......@@ -7,114 +7,210 @@ set -e
cd "$(dirname $0)"
WORKDIR="$(pwd)"
function main {
# Read Input
while true; do
case "$1" in
# GENERAL SECTION
--recreate-env )
RECREATE_ENV=true; shift ;;
--deepl-key )
[ -z ${2} ] && echo "No deepl key given."
DEEPL_KEY="${2}"; shift 2 ;;
# DISABLE SERVICES SECTION
--no-backend )
NO_BACKEND=true; shift ;;
--no-frontend )
NO_FRONTEND=true; shift ;;
--no-ws-gateway )
NO_WS_GATEWAY=true; shift ;;
--no-email )
NO_EMAIL=true; shift ;;
--no-psql )
NO_PSQL=true; shift ;;
--no-rabbit )
NO_RABBIT=true; shift ;;
# PRODUCTION SECTION
--prod )
PROD=true; shift ;;
--domain )
[ -z ${2} ] && echo "No domain given."
DOMAIN="${2}"; shift 2 ;;
--ssl-priv-key )
[ -z ${2} ] && echo "No priv key location given."
SSL_PRIV_KEY="${2}"; shift 2 ;;
--ssl-pub-key )
[ -z ${2} ] && echo "No pub key location given."
SSL_PUB_KEY="${2}"; shift 2 ;;
# CLOSING SECTION
"" ) break ;;
* ) echo "unknown option: $1"; exit 1 ;;
esac
done
# Check if input is set properly for production
if [ ! -z ${PROD} ] && (
[ -z ${DOMAIN} ] || [ -z ${SSL_PRIV_KEY} ] || [ -z ${SSL_PUB_KEY} ]
); then
echo "On or more arguments are missing for production setup. Required:";
echo " --domain (the fully qualified domain name)"
echo " --ssl-priv-key (the location of the private ssl key)"
echo " --ssl-pub-key (the location of the public ssl key)"
elif [ ! -z ${PROD} ]; then
echo "Using production configuration with following values:"
echo " - Domain: ${DOMAIN}"
echo " - SSL priv key location: ${SSL_PRIV_KEY}"
echo " - SSL pub key location: ${SSL_PUB_KEY}"
fi
# Create mandatory directories
mkdir -p secrets logs/nginx
# generate environment variables
generateEnvironments
# generate secret variables
generateSecrets
# write out environment files
createEnvironments
# copy configurations
createConfigs
# write out docker compose override file
createComposeOverride
}
# Only generates the environment variables to use later
function generateEnvironments {
if [ -z ${PROD} ]; then
CURRENT_DOMAIN="localhost"
# The DEV variables
DOMAIN="localhost"
LOGGING_LEVEL_ROOT="INFO"
APP_MAIL_HOST="fragjetzt-mailhog"
SERVER_ROOT_URL="http:\/\/${DOMAIN}:4200"
else
read -p "Domain: " CURRENT_DOMAIN
# The PROD variables
LOGGING_LEVEL_ROOT="ERROR"
APP_MAIL_HOST="fragjetzt-postfix"
SERVER_ROOT_URL="https:\/\/${DOMAIN}"
fi
CURRENT_PORT="80"
APP_MAIL_SENDER_ADDRESS="postmaster@${CURRENT_DOMAIN}"
SERVER_ROOT_URL="http:\/\/${CURRENT_DOMAIN}:${CURRENT_PORT}\/"
MAIL_DOMAIN="${CURRENT_DOMAIN}"
MAIL_HOST="${CURRENT_DOMAIN}"
ALLOWEDORIGINS="http:\/\/${CURRENT_DOMAIN}:${CURRENT_PORT}"
APP_MAIL_SENDER_ADDRESS="postmaster@${DOMAIN}"
MAIL_DOMAIN="${DOMAIN}"
MAIL_HOST="${DOMAIN}"
ALLOWEDORIGINS="${SERVER_ROOT_URL}"
}
# Only generates the environment variables to use later
function generateSecrets {
if [ -z ${PROD} ]; then
# The DEV variables
POSTGRES_SECRET="fragjetzt"
RABBITMQ_SECRET="guest"
JWT_SECRET=$(openssl rand --hex 32)
else
# The PROD variables
POSTGRES_SECRET=$(openssl rand --hex 32)
RABBITMQ_SECRET=$(openssl rand --hex 32)
JWT_SECRET=$(openssl rand --hex 32)
fi
}
# Write out the environment files
function createEnvironments {
# Check if env files are present and should be overwritten
if [ -f environments/generated.env ] && [ -z ${RECREATE_ENV} ]; then
echo "Environment is already set and will not be overwritten."
echo "Use --recreate-env if you would like to override it."
return
fi
if [ ! -f environments/generated.env ] || [ ! -z ${RECREATE_ENV} ]; then
# CONFIG ENV
for FILE in environments/*.template; do
cat "$FILE" | \
sed "s/^APP_MAIL_HOST=\$/APP_MAIL_HOST=${APP_MAIL_HOST}/" | \
sed "s/^APP_MAIL_SENDER_ADDRESS=\$/APP_MAIL_SENDER_ADDRESS=${APP_MAIL_SENDER_ADDRESS}/" | \
sed "s/^SERVER_ROOT_URL=\$/SERVER_ROOT_URL=${SERVER_ROOT_URL}/" | \
sed "s/^LOGGING_LEVEL_ROOT=\$/LOGGING_LEVEL_ROOT=${LOGGING_LEVEL_ROOT}/" | \
sed "s/^MAIL_DOMAIN=\$/MAIL_DOMAIN=${MAIL_DOMAIN}/" | \
sed "s/^MAIL_HOST=\$/MAIL_HOST=${MAIL_HOST}/" | \
sed "s/^ALLOWEDORIGINS=\$/ALLOWEDORIGINS=${ALLOWEDORIGINS}/" \
> "${FILE%.template}.env";
done
# SECRET ENV
for FILE in environments/*.template; do
sed -i "s/^SPRING_RABBITMQ_PASSWORD=\$/SPRING_RABBITMQ_PASSWORD=${RABBITMQ_SECRET}/" "${FILE%.template}.env"
sed -i "s/^RABBITMQ_DEFAULT_PASS=\$/RABBITMQ_DEFAULT_PASS=${RABBITMQ_SECRET}/" "${FILE%.template}.env"
sed -i "s/^STOMP_RELAY_PASSWORD=\$/STOMP_RELAY_PASSWORD=${RABBITMQ_SECRET}/" "${FILE%.template}.env"
sed -i "s/^RABBITMQ_PASSWORD=\$/RABBITMQ_PASSWORD=${RABBITMQ_SECRET}/" "${FILE%.template}.env"
sed -i "s/^SPRING_R2DBC_PASSWORD=\$/SPRING_R2DBC_PASSWORD=${POSTGRES_SECRET}/" "${FILE%.template}.env"
sed -i "s/^POSTGRES_PASSWORD=\$/POSTGRES_PASSWORD=${POSTGRES_SECRET}/" "${FILE%.template}.env"
sed -i "s/^SPRING_JWT_SECRET=\$/SPRING_JWT_SECRET=${JWT_SECRET}/" "${FILE%.template}.env"
sed -i "s/^SECURITY_JWT_SECRET=\$/SECURITY_JWT_SECRET=${JWT_SECRET}/" "${FILE%.template}.env"
# Copy all template files to env files
for FILE in environments/*.template; do
cp "${FILE}" "${FILE%.template}.env"
done
# Set Environment Strings to be substituted
ENV_STRINGS="
APP_MAIL_HOST=${APP_MAIL_HOST}
APP_MAIL_SENDER_ADDRESS=${APP_MAIL_SENDER_ADDRESS}
SERVER_ROOT_URL=${SERVER_ROOT_URL}
LOGGING_LEVEL_ROOT=${LOGGING_LEVEL_ROOT}
MAIL_DOMAIN=${MAIL_DOMAIN}
MAIL_HOST=${MAIL_HOST}
ALLOWEDORIGINS=${ALLOWEDORIGINS}
SPRING_RABBITMQ_PASSWORD=${RABBITMQ_SECRET}
RABBITMQ_DEFAULT_PASS=${RABBITMQ_SECRET}
STOMP_RELAY_PASSWORD=${RABBITMQ_SECRET}
RABBITMQ_PASSWORD=${RABBITMQ_SECRET}
SPRING_R2DBC_PASSWORD=${POSTGRES_SECRET}
POSTGRES_PASSWORD=${POSTGRES_SECRET}
SPRING_JWT_SECRET=${JWT_SECRET}
SECURITY_JWT_SECRET=${JWT_SECRET}
"
# Run the substitution
for FILE in environments/*.env; do
for ENV_STRING in ${ENV_STRINGS}; do
sed -i "s/^${ENV_STRING%%=*}=\$/${ENV_STRING%%=*}=${ENV_STRING#*=}/" "${FILE}"
done
done
# BUILD ENV
ln -fs rabbitmq_plugins.dev configs/rabbitmq_plugins
date > environments/generated.env
# Save the datetime of environment creation
date > environments/generated.env
}
function createConfigs {
if [ -z ${PROD} ]; then
cp configs/rabbitmq_plugins.dev configs/rabbitmq_plugins
cp configs/nginx.dev configs/nginx.conf
cp configs/postfix.dev configs/postfix
else
cp configs/rabbitmq_plugins.prod configs/rabbitmq_plugins
cp configs/nginx.prod configs/nginx.conf
cp configs/postfix.prod configs/postfix
fi
}
function createComposeOverride {
cat > docker-compose.override.yml <<MODULES
version: '3.8'
services:
$(cat override-services/rabbitmq.dev)
$([ -z ${NO_BACKEND} ] && cat override-services/backend.dev || cat override-services/backend.disabled)
$([ -z ${NO_WS_GATEWAY} ] && cat override-services/ws-gateway.dev || cat override-services/ws-gateway.disabled)
$([ -z ${NO_FRONTEND} ] && cat override-services/frontend.dev || cat override-services/frontend.disabled)
cat override-modules/head > docker-compose.override.yml
$([ -z ${NO_EMAIL} ] && cat override-services/email.dev || cat override-services/email.disabled)
if [ -z ${PROD} ]; then
[ -z ${NO_BACKEND} ] && override backend.dev || disable backend
[ -z ${NO_FRONTEND} ] && override frontend.dev || disable frontend
[ -z ${NO_WS_GATEWAY} ] && override ws-gateway.dev || disable ws-gateway
[ -z ${NO_EMAIL} ] && override email.dev || disable email
[ -z ${NO_PSQL} ] && override postgres.dev || disable postgres
[ -z ${NO_RABBIT} ] && override rabbitmq.dev || disable rabbitmq
override networks.dev
override volumes.dev
else
[ -z ${NO_BACKEND} ] || disable backend
[ -z ${NO_FRONTEND} ] && override frontend.prod || disable frontend
[ -z ${NO_WS_GATEWAY} ] || disable ws-gateway
[ -z ${NO_EMAIL} ] || disable email
[ -z ${NO_PSQL} ] || disable postgres
[ -z ${NO_RABBIT} ] || disable rabbitmq
override networks.prod
override volumes.prod
fi
volumes:
fragjetzt-maildir:
name: fragjetzt-maildir
MODULES
}
while true; do
case "$1" in
--prod ) PROD=true; shift ;;
--no-backend ) NO_BACKEND=true; shift ;;
--no-frontend ) NO_FRONTEND=true; shift ;;
--no-ws-gateway ) NO_WS_GATEWAY=true; shift ;;
--no-email ) NO_EMAIL=true; shift ;;
--recreate-env ) RECREATE_ENV=true; shift ;;
"" ) break ;;
* ) echo "unknown option: $1"; exit 1 ;;
esac
done
mkdir -p secrets logs/nginx
function disable {
sed "s/:SERVICE/${1}/g" override-modules/service.disabled >> docker-compose.override.yml
}
generateEnvironments
generateSecrets
createEnvironments
function override {
cat "override-modules/${1}" >> docker-compose.override.yml
}
[ -z $PROD ] && createComposeOverride || rm -f docker-compose.override.yml
main $@
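Review bot: The production check in `main` only prints the missing-argument message and then falls through to `generateEnvironments`, so `--prod` without `--domain` or the key paths goes on to build `SERVER_ROOT_URL` and `ALLOWEDORIGINS` from an empty `DOMAIN`; the branch should end with `exit 1` after the last `echo`. Separately, `createEnvironments` returns early whenever `environments/generated.env` exists, so running `--prod` on a checkout first set up for development keeps the fixed dev passwords (`fragjetzt`, `guest`) and the localhost origin unless `--recreate-env` is also passed. Recording the mode in `generated.env` and refusing a dev/prod mismatch would close that gap. The `.env` files that receive the generated secrets are created by `cp` under the default umask, so a `umask 077` before the copy loop is worth adding. `${DOMAIN}` is interpolated into the `sed` replacement text unescaped, so it should be validated as a hostname before use, and `main $@` should be `main "$@"`.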
email:
image: busybox:1
hostname: fragjetzt-email-disabled
container_name: fragjetzt-email-disabled
restart: 'no'
depends_on: []
entrypoint: '/bin/echo'
command: 'Service disabled.'
email:
image: mailhog/mailhog
hostname: fragjetzt-mailhog
container_name: fragjetzt-mailhog
env_file: ./environments/mailhog.env
ports:
- '127.0.0.1:8025:8025'
volumes:
- fragjetzt-maildir:/home/mailhog