run.sh
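#!/bin/bash
# run.sh - interactive first-run setup for the "mkdocs" container.
#
# On the first run (first_run=0) this script:
#   1. writes RAND_VAR, CRYPT_GIT_REPO and CRYPT_SECRET into ./.env,
#   2. generates a self-signed certificate/key pair for nginx,
#   3. creates ./.htpasswd for nginx basic auth,
#   4. rebuilds the "mkdocs" docker image,
# and then optionally starts the container.
#
# Security notes for maintainers:
#   * RAND_VAR is the passphrase for the CRYPT_* values and is stored in the
#     same .env file as the ciphertext. Anyone who can read .env (or the
#     container environment, e.g. via `docker inspect`) can decrypt both
#     values, so treat .env as a secret file; the encryption is obfuscation.
#   * aes-256-ctr provides no integrity protection. The decrypting side is not
#     part of this script, so the cipher parameters are left unchanged here.
#
# set first_run=0 to run setup
first_run=0

readonly ENV_FILE=./.env

# Ask a yes/no question; succeeds only for y/Y/yes (any letter case).
confirm() {
  local reply
  read -rp "$1" reply
  [[ "$reply" =~ ^([yY][eE][sS]|[yY])$ ]]
}

# Succeeds if .env already has a line that defines variable $1.
env_has() {
  grep -q "^$1=" "$ENV_FILE"
}

# Encrypt $1 with the passphrase in $rand_var and print base64 ciphertext.
# The passphrase goes through the environment (-pass env:) instead of
# `-k <pass>` so it does not appear in the process list. The trailing newline
# matches what `echo` used to feed to openssl.
encrypt_value() {
  printf '%s\n' "$1" \
    | ENC_PASS="$rand_var" openssl enc -aes-256-ctr -A -pbkdf2 -a -pass env:ENC_PASS
}

# Prompt (hidden) for a secret with prompt $2, encrypt it, and append it to
# .env as variable $1. Nothing is written if encryption fails.
store_encrypted() {
  local var_name=$1 prompt=$2 plain cipher
  # -s: the value is a credential, keep it out of the terminal scrollback.
  read -rsp "$prompt" plain
  printf '\n'
  if ! cipher=$(encrypt_value "$plain") || [[ -z "$cipher" ]]; then
    printf 'openssl failed to encrypt %s - is openssl installed?\n' "$var_name" >&2
    exit 1
  fi
  printf '%s=%s\n' "$var_name" "$cipher" >> "$ENV_FILE"
}

# Generate the self-signed certificate and key; $1 is the CN prompt text.
generate_cert() {
  local CN_field
  printf '\n'
  printf 'Generating self signed ssl certificate\n'
  read -rp "$1" CN_field
  # The value is spliced into -subj, where '/' and '+' start new DN
  # components; accept only hostname/IP characters.
  if ! [[ "$CN_field" =~ ^[A-Za-z0-9._:*-]+$ ]]; then
    printf 'invalid CN: expected a hostname or IP address\n' >&2
    return 1
  fi
  openssl req -new -newkey rsa:4096 -x509 -sha256 -days 365 -nodes \
    -out nginx-certificate.crt -keyout nginx.key \
    -subj "/C=AU/ST=QLD/L=Brisbane/O=Global Security/OU=IT Department/CN=$CN_field" \
    || return 1
  # -nodes leaves the private key unencrypted on disk; restrict it to the owner.
  # NOTE(review): confirm the image's nginx reads the key as root.
  chmod 600 nginx.key
}

# Create ./.htpasswd with its first user.
# NOTE(review): htpasswd uses its default hash here; consider a stronger
# scheme if the nginx build in the image supports it.
create_htpasswd() {
  local username
  printf 'Configuring basic auth for nginx - generating .htpasswd\n'
  read -rp 'Enter your user: ' username
  if htpasswd -c ./.htpasswd "$username"; then
    # User input is passed as an argument, never as the printf format.
    printf "Added user %s to .htpasswd\n To add additional user(s) run 'htpasswd ./.htpasswd <user>' or edit the file directly\n" "$username"
  else
    printf 'htpasswd failed - user %s was not added\n' "$username" >&2
  fi
}

# Print the manual `docker run` command.
print_run_hint() {
  printf 'Run the container with this script or using docker run with: \n docker run -d --env-file=./.env --name mkdocs --mount type=volume,target=/opt/mkdocs --publish 443:443/tcp --publish 80:80/tcp --publish 8080:8080/tcp mkdocs\n'
}

if ! [ -e "$ENV_FILE" ]; then
  touch "$ENV_FILE"
fi
if ! [ -w "$ENV_FILE" ]; then
  printf 'cannot write to %s\n' "$ENV_FILE" >&2
  exit 1
fi
# .env holds the passphrase and the encrypted secrets: owner-only access.
chmod 600 "$ENV_FILE" || printf 'warning: could not restrict permissions on %s\n' "$ENV_FILE" >&2

if [ "$first_run" -eq 0 ]; then
  if env_has RAND_VAR; then
    printf '(skipped) - .env already contains "RAND_VAR" - edit manually\n'
  else
    printf 'Injecting RAND_VAR into .env\n'
    rand_var=$(LC_ALL=C tr -dc A-Za-z0-9 </dev/urandom | head -c 42)
    printf 'RAND_VAR=%s\n' "$rand_var" >> "$ENV_FILE"
    printf 'done\n'
  fi
  # Always take the passphrase from .env so that a pre-existing RAND_VAR is
  # used for the values below instead of an empty passphrase.
  rand_var=$(sed -n 's/^RAND_VAR=//p' "$ENV_FILE" | head -n 1)
  if [[ -z "$rand_var" ]]; then
    printf 'RAND_VAR in %s is empty - refusing to encrypt with an empty passphrase\n' "$ENV_FILE" >&2
    exit 1
  fi

  if env_has CRYPT_GIT_REPO; then
    printf '(skipped) - .env already contains "CRYPT_GIT_REPO" - edit manually\n'
  else
    printf 'Injecting CRYPT_GIT_REPO into .env\n'
    store_encrypted CRYPT_GIT_REPO 'Enter your repository clone address - eg: https://<PAT>@github.com/username/repo.git : '
    printf 'done\n'
  fi

  if env_has CRYPT_SECRET; then
    printf '(skipped) - .env already contains "CRYPT_SECRET" - edit manually\n'
  else
    printf 'Injecting CRYPT_SECRET into .env\n'
    store_encrypted CRYPT_SECRET 'Enter your webhook secret '
    printf 'done\n'
  fi

  printf 'Setting up .htpasswd for nginx basic auth and self signed ssl cert\n'
  if confirm "Do you want this script to run 'sudo apt install apache2-utils openssl'? (y/N): "; then
    sudo apt install apache2-utils openssl
  else
    printf "skipping...\n"
  fi

  if [[ -f ./nginx-certificate.crt ]]; then
    if confirm 'nginx-certificate.crt already exists - do you wish to regenerate it? (y/N):'; then
      generate_cert "Populating 'CN' field - enter your FQDN or host's IP: " || exit 1
    fi
  else
    generate_cert "Populating 'CN' field - enter your FQDN or host's IP (local IP if using ngrok): " || exit 1
  fi

  if [[ -f ./.htpasswd ]]; then
    if confirm '.htpasswd already exists - do you wish to regenerate it? (y/N):'; then
      create_htpasswd
    fi
  else
    create_htpasswd
  fi

  while confirm 'add additional user(s)? (y/N): '; do
    read -rp 'Enter your user: ' add_user
    if htpasswd ./.htpasswd "$add_user"; then
      printf 'Added user %s to .htpasswd\n' "$add_user"
    else
      printf 'htpasswd failed - user %s was not added\n' "$add_user" >&2
    fi
  done

  printf 'Config done... building image\n'
  # The stop/remove commands report an error when nothing exists yet; harmless.
  docker stop mkdocs
  docker container remove mkdocs
  docker image remove mkdocs
  docker build -t mkdocs .
  printf 'Image built - mkdocs\n'
fi

if confirm "Run the container now? (y/N): "; then
  docker run -d --env-file=./.env --name mkdocs --mount type=volume,target=/opt/mkdocs --publish 443:443/tcp --publish 80:80/tcp --publish 8080:8080/tcp mkdocs
else
  printf '\n'
  print_run_hint
fi

# Set first_run to 1 - subsequent runs will not perform setup tasks
printf '\n'
printf "Setup complete - setting 'first_run=1' manually reset this to zero to rerun setup\n"
print_run_hint
# Anchored match instead of a fixed line number, so the flip still works when
# lines are added above the assignment.
sed -i 's#^first_run=0$#first_run=1#' ./run.sh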