rayelliott
/
wordpress-dev
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

provision webserver working

This commit is contained in:
Ray Elliott 2020-03-12 19:19:15 +00:00
parent 213fbb4a5a
commit ce426e3f30
5 changed files with 39 additions and 5 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

1
README.md
View File

@ -4,6 +4,7 @@ TODO
## TODO ## TODO
* implement option to not have remote url include hostname (i.e., bare domain)
* convert scripts to use ssh pipes/bash here documents. * convert scripts to use ssh pipes/bash here documents.
see [ssh pipes](https://stackoverflow.com/a/4412324), [Bash Here Document](https://stackoverflow.com/a/4412338) see [ssh pipes](https://stackoverflow.com/a/4412324), [Bash Here Document](https://stackoverflow.com/a/4412338)
* Script to export database from production database * Script to export database from production database

3
config-example
View File

@ -25,6 +25,9 @@ export _wp_plugins_active="elementor wp-mail-smtp gdpr-cookie-compliance regener
export _remote_host="www" export _remote_host="www"
export _domain="isnet.uk" export _domain="isnet.uk"
# set to true to ude bare domain
export _bare_domain='false'
_lets_encrypt_email="letsencrpt.wp@rayelliott.dev"
export _docker_user="ray" export _docker_user="ray"
export _docker_base_dir="/var/docker" export _docker_base_dir="/var/docker"

5
production/export-data.sh Executable file
View File

@ -0,0 +1,5 @@
#!/bin/sh
set -e

26
production/webserver-setup.sh
View File

@ -1,11 +1,17 @@
#!/bin/sh #!/bin/sh
set -e
# TODO basic error checking # TODO basic error checking
# TODO verbosity # TODO verbosity
# TODO hardening # TODO hardening
_lets_encrypt_email="wptest@isnet.uk" export PATH="/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin"
_server_base_url="wptest.isnet.uk"
_server_base_url="$_domain"
echo "Provisioning: $_server_base_url$ - (whoami)@$(hostname)"
_docker_container_config_dir="/var/docker" _docker_container_config_dir="/var/docker"
_docker_compose_version="1.25.4" _docker_compose_version="1.25.4"
@ -18,6 +24,7 @@ cp /root/.ssh/authorized_keys /home/ray/.ssh/
chown ray: /home/ray/.ssh/authorized_keys chown ray: /home/ray/.ssh/authorized_keys
apt-get update apt-get update
apt-get upgrade --yes
apt-get install \ apt-get install \
apt-transport-https \ apt-transport-https \
ca-certificates \ ca-certificates \
@ -30,9 +37,9 @@ apt-get install \
ufw allow ssh ufw allow ssh
ufw allow http ufw allow http
ufw allow https ufw allow https
ufw enable ufw --force enable
curl -fsSL https://download.docker.com/linux/debian/gpg | sudo apt-key add - curl -fsSL https://download.docker.com/linux/debian/gpg | apt-key add -
add-apt-repository \ add-apt-repository \
"deb [arch=amd64] https://download.docker.com/linux/debian \ "deb [arch=amd64] https://download.docker.com/linux/debian \
$(lsb_release -cs) \ $(lsb_release -cs) \
@ -154,5 +161,14 @@ networks:
" >> docker-compose.yml " >> docker-compose.yml
docker-compose up -d docker-compose up -d
echo "VISIT PORTAINER URL NOW TO SET INITIAL LOGIN:" # or see if can set from script echo "-------------------------------------------------------------------------"
echo ""
echo "VISIT PORTAINER URL NOW TO SET INITIAL LOGIN:"
echo " https://$_portainer_url" echo " https://$_portainer_url"
echo ""
echo "Traefik URl: https://$_server_base_url"
echo ""
echo "WARNING: May get insecure SSL errors"
echo " this is temporary while certs are in process of being issued"
rm /tmp/setup.sh

9
webserver-provision.sh Executable file
View File

@ -0,0 +1,9 @@
#!/bin/sh
. ./config
_ssh_url="root@$_remote_host.$_domain"
# ssh "$_remote_host.$_domain" '/bin/bash -s' < ./production/webserver-setup.sh
cat config ./production/webserver-setup.sh | ssh "$_ssh_url" "cat >/tmp/setup.sh"
ssh $_ssh_url '/bin/bash /tmp/setup.sh'