From ba3a7bc94421f93818f9196bd8a2c32eb7d9d940 Mon Sep 17 00:00:00 2001 From: Thomas Vanbesien Date: Wed, 3 Jun 2026 17:12:58 +0200 Subject: feat: better initialization script MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Rename `tools/build` → `net_services` `net_services` can be run from anywhere (previously it was not creating the fs archives in the right place). It also creates the directories specified in `.env`, generate a self-signed certificate if no certificate is available, initialize the first Radicale user if missing, and copy example configuration files if missing for cgit. `generate_self_signed_cert` has been removed (its code is in `net_services`) --- tools/build | 5 --- tools/generate_self_signed_cert | 12 ------- tools/net_services | 76 +++++++++++++++++++++++++++++++++++++++++ 3 files changed, 76 insertions(+), 17 deletions(-) delete mode 100755 tools/build delete mode 100755 tools/generate_self_signed_cert create mode 100755 tools/net_services (limited to 'tools') diff --git a/tools/build b/tools/build deleted file mode 100755 index 09d7734..0000000 --- a/tools/build +++ /dev/null @@ -1,5 +0,0 @@ -#!/usr/bin/bash - -for srv in nginx radicale; do - tar -czf services/"$srv"/fs.tar.gz -C services/"$srv" . -done diff --git a/tools/generate_self_signed_cert b/tools/generate_self_signed_cert deleted file mode 100755 index b25cdb3..0000000 --- a/tools/generate_self_signed_cert +++ /dev/null @@ -1,12 +0,0 @@ -#!/usr/bin/bash - -# Creates a self-signed key/certificate pair for a domain and subdomain(s) -# Usage: -# build [...] - -domain=${1:?missing domain argument} -shift -subdomains=("$@") - -mkcert -install -mkcert "${subdomains[@]/%/.$domain}" "$domain" diff --git a/tools/net_services b/tools/net_services new file mode 100755 index 0000000..64a4fb5 --- /dev/null +++ b/tools/net_services @@ -0,0 +1,76 @@ +#!/usr/bin/bash +set -euo pipefail + +script_dir="$(dirname "$(realpath "$0")")" +root_dir="$(realpath "$script_dir/..")" + +env_file="$script_dir/../.env" +if ! [[ -r "$env_file" ]]; then + echo "$env_file is missing" >&2 + exit 1 +fi +# shellcheck disable=1090 +source "$env_file" + +init() { + for service in nginx radicale; do + tar -czf "$root_dir/services/$service/fs.tar.gz" -C "$root_dir/services/$service/fs" . + done + + local -a dirs=( + HOST__SECRET_DIR + HOST__GIT_REPO_DIR + HOST__CGITRC_DIR + HOST__CGIT_FILTER_DIR + HOST__CGIT_ABOUT_DIR + HOST__RADICALE_USERS_DIR + HOST__SYNC_DIR + ) + for envvar_name in "${dirs[@]}"; do + local -n dir="$envvar_name" + mkdir --parents "$dir" + done + + # generate_self_signed_cert [...] + generate_self_signed_cert() { + local crt_dst=${1:?missing crt_dst argument} + local key_dst=${2:?missing key_dst argument} + local domain=${3:?missing domain argument} + shift 3 + local -a subdomains=("$@") + mkcert -install + mkcert -cert-file "$crt_dst" -key-file "$key_dst" "${subdomains[@]/%/.$domain}" "$domain" + } + local crt_file="$HOST__SECRET_DIR/server.crt" + local key_file="$HOST__SECRET_DIR/server.key" + if ! [[ -e "$crt_file" && -e "$key_file" ]]; then + echo "$crt_file or $key_file missing" + read -rn 1 -p "Create? (y/n)" input + echo + if [[ $input == y ]]; then + generate_self_signed_cert "$crt_file" "$key_file" "$NGINX__HOST" www git sync dav + fi + fi + + if ! [[ -e "$HOST__RADICALE_USERS_DIR/.htpasswd" ]]; then + read -rp "Initial Radicale username: " username + htpasswd -c -B "$HOST__RADICALE_USERS_DIR/.htpasswd" "$username" + fi + + cp_if_absent() { + local src="${1:?missing src argument}" + local dst="${2:?missing dst argument}" + if ! [[ -e "$dst" ]]; then cp "$src" "$dst"; fi + } + cp_if_absent "$root_dir/services/cgit/examples/cgitrc" "$HOST__CGITRC_DIR/cgitrc" + cp_if_absent "$root_dir/services/cgit/examples/about.md" "$HOST__CGIT_ABOUT_DIR/about.md" + cp_if_absent "$root_dir/services/cgit/examples/commit-filter.sh" "$HOST__CGIT_FILTER_DIR/commit-filter.sh" +} + +case ${1:-} in +init) init ;; +*) + echo "usage: net_services init" + exit 1 + ;; +esac -- cgit v1.3.1