Using systemd to mount volumes and start containers at boot.

This commit is contained in:
yohan 2020-03-31 15:50:39 +02:00
parent 8340d6ac60
commit 0534749ebe
5 changed files with 73 additions and 18 deletions

View File

@ -1,22 +1,30 @@
#!/bin/bash #!/bin/bash
test -f ~/secrets.tar.gz.enc || curl -o ~/secrets.tar.gz.enc "https://cloud.scimetis.net/s/${KEY}/download?path=%2F&files=secrets.tar.gz.enc" #Absolute path to this script
SCRIPT=$(readlink -f $0)
#Absolute path this script is in
SCRIPTPATH=$(dirname $SCRIPT)
cd $SCRIPTPATH
test -z $KEY && { echo "KEY is not defined."; exit 1; }
if ! test -f ~/secrets.tar.gz.enc
then
curl -o ~/secrets.tar.gz.enc "https://cloud.scimetis.net/s/${KEY}/download?path=%2F&files=secrets.tar.gz.enc"
if ! test -f ~/secrets.tar.gz.enc
then
echo "ERROR: ~/secrets.tar.gz.enc not found, exiting."
exit 1
fi
fi
openssl enc -aes-256-cbc -d -in ~/secrets.tar.gz.enc | tar -zxv --strip 2 secrets/docker-mail-stack/fetchmailrc-orange \ openssl enc -aes-256-cbc -d -in ~/secrets.tar.gz.enc | tar -zxv --strip 2 secrets/docker-mail-stack/fetchmailrc-orange \
secrets/docker-mail-stack/users secrets/docker-mail-stack/15-lda.conf secrets/docker-mail-stack/feed2imaprc \ secrets/docker-mail-stack/users secrets/docker-mail-stack/15-lda.conf secrets/docker-mail-stack/feed2imaprc \
secrets/docker-mail-stack/fetchmailrc-scimetis secrets/docker-mail-stack/fetchmailrc-scimetis \
|| { echo "Could not extract from secrets archive, exiting."; rm -f ~/secrets.tar.gz.enc; exit 1; }
sudo chown root. fetchmailrc-orange fetchmailrc-scimetis users 15-lda.conf feed2imaprc sudo chown root. fetchmailrc-orange fetchmailrc-scimetis users 15-lda.conf feed2imaprc
sudo chmod a-r feed2imaprc sudo chmod a-r feed2imaprc
VOLUME=mail_data
sudo mkdir -p /mnt/volumes/${VOLUME}
if ! mountpoint -q /mnt/volumes/${VOLUME}
then
VOLUME_ID=$(~/env_py3/bin/openstack volume show ${VOLUME} -c id --format value)
test -e /dev/disk/by-id/*${VOLUME_ID:0:20} || nova volume-attach $INSTANCE $VOLUME_ID auto
sleep 3
sudo mount /dev/disk/by-id/*${VOLUME_ID:0:20} /mnt/volumes/${VOLUME} || exit 1
mountpoint -q /mnt/volumes/${VOLUME} || { echo "ERROR: could not mount /mnt/volumes/${VOLUME}, exiting."; exit 1; }
fi
unset VERSION_DOVECOT VERSION_FETCHMAIL VERSION_FEED2IMAP unset VERSION_DOVECOT VERSION_FETCHMAIL VERSION_FEED2IMAP
VERSION_DOVECOT=$(git ls-remote https://git.scimetis.net/yohan/docker-dovecot.git| head -1 | cut -f 1|cut -c -10) VERSION_DOVECOT=$(git ls-remote https://git.scimetis.net/yohan/docker-dovecot.git| head -1 | cut -f 1|cut -c -10)
VERSION_FETCHMAIL=$(git ls-remote https://git.scimetis.net/yohan/docker-fetchmail.git| head -1 | cut -f 1|cut -c -10) VERSION_FETCHMAIL=$(git ls-remote https://git.scimetis.net/yohan/docker-fetchmail.git| head -1 | cut -f 1|cut -c -10)
@ -33,7 +41,7 @@ sudo docker build -t feed2imap:$VERSION_FEED2IMAP ~/build/docker-feed2imap
VERSION_DOVECOT=$VERSION_DOVECOT \ VERSION_DOVECOT=$VERSION_DOVECOT \
VERSION_FETCHMAIL=$VERSION_FETCHMAIL \ VERSION_FETCHMAIL=$VERSION_FETCHMAIL \
VERSION_FEED2IMAP=$VERSION_FEED2IMAP \ VERSION_FEED2IMAP=$VERSION_FEED2IMAP \
sudo -E bash -c 'docker-compose up -d --force-recreate' sudo -E bash -c 'docker-compose up --no-start --force-recreate'
# --force-recreate is used to recreate container when a file has changed # --force-recreate is used to recreate container when a file has changed
# /!\ We cannot remove the secrets files or restarting the container would become impossible. # /!\ We cannot remove the secrets files or restarting the container would become impossible.
rm -rf ~/build rm -rf ~/build

View File

@ -6,7 +6,6 @@ services:
image: dovecot:$VERSION_DOVECOT image: dovecot:$VERSION_DOVECOT
#build: "https://git.scimetis.net/yohan/docker-dovecot.git" #build: "https://git.scimetis.net/yohan/docker-dovecot.git"
container_name: dovecot container_name: dovecot
restart: always
ports: ports:
- 993:993/tcp - 993:993/tcp
- 4190:4190/tcp - 4190:4190/tcp
@ -22,7 +21,6 @@ services:
image: fetchmail:$VERSION_FETCHMAIL image: fetchmail:$VERSION_FETCHMAIL
#build: "https://git.scimetis.net/yohan/docker-fetchmail.git" #build: "https://git.scimetis.net/yohan/docker-fetchmail.git"
container_name: fetchmail-orange container_name: fetchmail-orange
restart: always
networks: networks:
- mailnet - mailnet
volumes: volumes:
@ -32,7 +30,6 @@ services:
image: fetchmail:$VERSION_FETCHMAIL image: fetchmail:$VERSION_FETCHMAIL
#build: "https://git.scimetis.net/yohan/docker-fetchmail.git" #build: "https://git.scimetis.net/yohan/docker-fetchmail.git"
container_name: fetchmail-scimetis container_name: fetchmail-scimetis
restart: always
networks: networks:
- mailnet - mailnet
volumes: volumes:
@ -42,7 +39,6 @@ services:
image: feed2imap:$VERSION_FEED2IMAP image: feed2imap:$VERSION_FEED2IMAP
#build: "https://git.scimetis.net/yohan/docker-feed2imap.git" #build: "https://git.scimetis.net/yohan/docker-feed2imap.git"
container_name: feed2imap container_name: feed2imap
restart: always
networks: networks:
- mailnet - mailnet
volumes: volumes:

42
install.sh Executable file
View File

@ -0,0 +1,42 @@
#!/bin/bash
#Absolute path to this script
SCRIPT=$(readlink -f $0)
#Absolute path this script is in
SCRIPTPATH=$(dirname $SCRIPT)
STACK=$(basename "$SCRIPTPATH")
for VOLUME in $(awk NF $SCRIPTPATH/volume_list | tr -d "[:blank:]")
do
systemctl enable mnt-cinder-volume@${VOLUME}.service
done
cat << EOF > /etc/systemd/system/${STACK}.service
[Unit]
Description=Starting ${STACK}
After=network-online.target firewalld.service docker.service docker.socket
Wants=network-online.target docker.service
Requires=docker.socket
EOF
for VOLUME in $(awk NF $SCRIPTPATH/volume_list | tr -d "[:blank:]")
do
cat << EOF >> /etc/systemd/system/${STACK}.service
After=mnt-cinder-volume@${VOLUME}.service
After=mnt-volumes-${VOLUME}.mount
Wants=mnt-cinder-volume@${VOLUME}.service
Requires=mnt-volumes-${VOLUME}.mount
EOF
done
cat << EOF >> /etc/systemd/system/${STACK}.service
[Service]
Type=oneshot
User=$SUDO_USER
ExecStart=$SCRIPTPATH/start.sh
[Install]
WantedBy=multi-user.target
EOF
systemctl daemon-reload
systemctl enable ${STACK}.service

8
start.sh Executable file
View File

@ -0,0 +1,8 @@
#!/bin/bash
#Absolute path to this script
SCRIPT=$(readlink -f $0)
#Absolute path this script is in
SCRIPTPATH=$(dirname $SCRIPT)
cd $SCRIPTPATH
sudo docker-compose start

1
volume_list Normal file
View File

@ -0,0 +1 @@
mail_data