Using systemd to mount volumes and start containers at boot.
This commit is contained in:
parent
8340d6ac60
commit
0534749ebe
@ -1,22 +1,30 @@
|
||||
#!/bin/bash
|
||||
test -f ~/secrets.tar.gz.enc || curl -o ~/secrets.tar.gz.enc "https://cloud.scimetis.net/s/${KEY}/download?path=%2F&files=secrets.tar.gz.enc"
|
||||
#Absolute path to this script
|
||||
SCRIPT=$(readlink -f $0)
|
||||
#Absolute path this script is in
|
||||
SCRIPTPATH=$(dirname $SCRIPT)
|
||||
|
||||
cd $SCRIPTPATH
|
||||
|
||||
test -z $KEY && { echo "KEY is not defined."; exit 1; }
|
||||
|
||||
if ! test -f ~/secrets.tar.gz.enc
|
||||
then
|
||||
curl -o ~/secrets.tar.gz.enc "https://cloud.scimetis.net/s/${KEY}/download?path=%2F&files=secrets.tar.gz.enc"
|
||||
if ! test -f ~/secrets.tar.gz.enc
|
||||
then
|
||||
echo "ERROR: ~/secrets.tar.gz.enc not found, exiting."
|
||||
exit 1
|
||||
fi
|
||||
fi
|
||||
|
||||
openssl enc -aes-256-cbc -d -in ~/secrets.tar.gz.enc | tar -zxv --strip 2 secrets/docker-mail-stack/fetchmailrc-orange \
|
||||
secrets/docker-mail-stack/users secrets/docker-mail-stack/15-lda.conf secrets/docker-mail-stack/feed2imaprc \
|
||||
secrets/docker-mail-stack/fetchmailrc-scimetis
|
||||
secrets/docker-mail-stack/fetchmailrc-scimetis \
|
||||
|| { echo "Could not extract from secrets archive, exiting."; rm -f ~/secrets.tar.gz.enc; exit 1; }
|
||||
sudo chown root. fetchmailrc-orange fetchmailrc-scimetis users 15-lda.conf feed2imaprc
|
||||
sudo chmod a-r feed2imaprc
|
||||
|
||||
VOLUME=mail_data
|
||||
sudo mkdir -p /mnt/volumes/${VOLUME}
|
||||
if ! mountpoint -q /mnt/volumes/${VOLUME}
|
||||
then
|
||||
VOLUME_ID=$(~/env_py3/bin/openstack volume show ${VOLUME} -c id --format value)
|
||||
test -e /dev/disk/by-id/*${VOLUME_ID:0:20} || nova volume-attach $INSTANCE $VOLUME_ID auto
|
||||
sleep 3
|
||||
sudo mount /dev/disk/by-id/*${VOLUME_ID:0:20} /mnt/volumes/${VOLUME} || exit 1
|
||||
mountpoint -q /mnt/volumes/${VOLUME} || { echo "ERROR: could not mount /mnt/volumes/${VOLUME}, exiting."; exit 1; }
|
||||
fi
|
||||
|
||||
unset VERSION_DOVECOT VERSION_FETCHMAIL VERSION_FEED2IMAP
|
||||
VERSION_DOVECOT=$(git ls-remote https://git.scimetis.net/yohan/docker-dovecot.git| head -1 | cut -f 1|cut -c -10)
|
||||
VERSION_FETCHMAIL=$(git ls-remote https://git.scimetis.net/yohan/docker-fetchmail.git| head -1 | cut -f 1|cut -c -10)
|
||||
@ -33,7 +41,7 @@ sudo docker build -t feed2imap:$VERSION_FEED2IMAP ~/build/docker-feed2imap
|
||||
VERSION_DOVECOT=$VERSION_DOVECOT \
|
||||
VERSION_FETCHMAIL=$VERSION_FETCHMAIL \
|
||||
VERSION_FEED2IMAP=$VERSION_FEED2IMAP \
|
||||
sudo -E bash -c 'docker-compose up -d --force-recreate'
|
||||
sudo -E bash -c 'docker-compose up --no-start --force-recreate'
|
||||
# --force-recreate is used to recreate container when a file has changed
|
||||
# /!\ We cannot remove the secrets files or restarting the container would become impossible.
|
||||
rm -rf ~/build
|
||||
@ -6,7 +6,6 @@ services:
|
||||
image: dovecot:$VERSION_DOVECOT
|
||||
#build: "https://git.scimetis.net/yohan/docker-dovecot.git"
|
||||
container_name: dovecot
|
||||
restart: always
|
||||
ports:
|
||||
- 993:993/tcp
|
||||
- 4190:4190/tcp
|
||||
@ -22,7 +21,6 @@ services:
|
||||
image: fetchmail:$VERSION_FETCHMAIL
|
||||
#build: "https://git.scimetis.net/yohan/docker-fetchmail.git"
|
||||
container_name: fetchmail-orange
|
||||
restart: always
|
||||
networks:
|
||||
- mailnet
|
||||
volumes:
|
||||
@ -32,7 +30,6 @@ services:
|
||||
image: fetchmail:$VERSION_FETCHMAIL
|
||||
#build: "https://git.scimetis.net/yohan/docker-fetchmail.git"
|
||||
container_name: fetchmail-scimetis
|
||||
restart: always
|
||||
networks:
|
||||
- mailnet
|
||||
volumes:
|
||||
@ -42,7 +39,6 @@ services:
|
||||
image: feed2imap:$VERSION_FEED2IMAP
|
||||
#build: "https://git.scimetis.net/yohan/docker-feed2imap.git"
|
||||
container_name: feed2imap
|
||||
restart: always
|
||||
networks:
|
||||
- mailnet
|
||||
volumes:
|
||||
|
||||
42
install.sh
Executable file
42
install.sh
Executable file
@ -0,0 +1,42 @@
|
||||
#!/bin/bash
|
||||
#Absolute path to this script
|
||||
SCRIPT=$(readlink -f $0)
|
||||
#Absolute path this script is in
|
||||
SCRIPTPATH=$(dirname $SCRIPT)
|
||||
STACK=$(basename "$SCRIPTPATH")
|
||||
|
||||
for VOLUME in $(awk NF $SCRIPTPATH/volume_list | tr -d "[:blank:]")
|
||||
do
|
||||
systemctl enable mnt-cinder-volume@${VOLUME}.service
|
||||
done
|
||||
|
||||
cat << EOF > /etc/systemd/system/${STACK}.service
|
||||
[Unit]
|
||||
Description=Starting ${STACK}
|
||||
After=network-online.target firewalld.service docker.service docker.socket
|
||||
Wants=network-online.target docker.service
|
||||
Requires=docker.socket
|
||||
EOF
|
||||
|
||||
for VOLUME in $(awk NF $SCRIPTPATH/volume_list | tr -d "[:blank:]")
|
||||
do
|
||||
cat << EOF >> /etc/systemd/system/${STACK}.service
|
||||
After=mnt-cinder-volume@${VOLUME}.service
|
||||
After=mnt-volumes-${VOLUME}.mount
|
||||
Wants=mnt-cinder-volume@${VOLUME}.service
|
||||
Requires=mnt-volumes-${VOLUME}.mount
|
||||
|
||||
EOF
|
||||
done
|
||||
|
||||
cat << EOF >> /etc/systemd/system/${STACK}.service
|
||||
[Service]
|
||||
Type=oneshot
|
||||
User=$SUDO_USER
|
||||
ExecStart=$SCRIPTPATH/start.sh
|
||||
|
||||
[Install]
|
||||
WantedBy=multi-user.target
|
||||
EOF
|
||||
systemctl daemon-reload
|
||||
systemctl enable ${STACK}.service
|
||||
8
start.sh
Executable file
8
start.sh
Executable file
@ -0,0 +1,8 @@
|
||||
#!/bin/bash
|
||||
#Absolute path to this script
|
||||
SCRIPT=$(readlink -f $0)
|
||||
#Absolute path this script is in
|
||||
SCRIPTPATH=$(dirname $SCRIPT)
|
||||
|
||||
cd $SCRIPTPATH
|
||||
sudo docker-compose start
|
||||
1
volume_list
Normal file
1
volume_list
Normal file
@ -0,0 +1 @@
|
||||
mail_data
|
||||
Loading…
Reference in New Issue
Block a user