Using systemd to mount volumes and start containers at boot.
This commit is contained in:
parent
8340d6ac60
commit
0534749ebe
@ -1,22 +1,30 @@
|
|||||||
#!/bin/bash
|
#!/bin/bash
|
||||||
test -f ~/secrets.tar.gz.enc || curl -o ~/secrets.tar.gz.enc "https://cloud.scimetis.net/s/${KEY}/download?path=%2F&files=secrets.tar.gz.enc"
|
#Absolute path to this script
|
||||||
|
SCRIPT=$(readlink -f $0)
|
||||||
|
#Absolute path this script is in
|
||||||
|
SCRIPTPATH=$(dirname $SCRIPT)
|
||||||
|
|
||||||
|
cd $SCRIPTPATH
|
||||||
|
|
||||||
|
test -z $KEY && { echo "KEY is not defined."; exit 1; }
|
||||||
|
|
||||||
|
if ! test -f ~/secrets.tar.gz.enc
|
||||||
|
then
|
||||||
|
curl -o ~/secrets.tar.gz.enc "https://cloud.scimetis.net/s/${KEY}/download?path=%2F&files=secrets.tar.gz.enc"
|
||||||
|
if ! test -f ~/secrets.tar.gz.enc
|
||||||
|
then
|
||||||
|
echo "ERROR: ~/secrets.tar.gz.enc not found, exiting."
|
||||||
|
exit 1
|
||||||
|
fi
|
||||||
|
fi
|
||||||
|
|
||||||
openssl enc -aes-256-cbc -d -in ~/secrets.tar.gz.enc | tar -zxv --strip 2 secrets/docker-mail-stack/fetchmailrc-orange \
|
openssl enc -aes-256-cbc -d -in ~/secrets.tar.gz.enc | tar -zxv --strip 2 secrets/docker-mail-stack/fetchmailrc-orange \
|
||||||
secrets/docker-mail-stack/users secrets/docker-mail-stack/15-lda.conf secrets/docker-mail-stack/feed2imaprc \
|
secrets/docker-mail-stack/users secrets/docker-mail-stack/15-lda.conf secrets/docker-mail-stack/feed2imaprc \
|
||||||
secrets/docker-mail-stack/fetchmailrc-scimetis
|
secrets/docker-mail-stack/fetchmailrc-scimetis \
|
||||||
|
|| { echo "Could not extract from secrets archive, exiting."; rm -f ~/secrets.tar.gz.enc; exit 1; }
|
||||||
sudo chown root. fetchmailrc-orange fetchmailrc-scimetis users 15-lda.conf feed2imaprc
|
sudo chown root. fetchmailrc-orange fetchmailrc-scimetis users 15-lda.conf feed2imaprc
|
||||||
sudo chmod a-r feed2imaprc
|
sudo chmod a-r feed2imaprc
|
||||||
|
|
||||||
VOLUME=mail_data
|
|
||||||
sudo mkdir -p /mnt/volumes/${VOLUME}
|
|
||||||
if ! mountpoint -q /mnt/volumes/${VOLUME}
|
|
||||||
then
|
|
||||||
VOLUME_ID=$(~/env_py3/bin/openstack volume show ${VOLUME} -c id --format value)
|
|
||||||
test -e /dev/disk/by-id/*${VOLUME_ID:0:20} || nova volume-attach $INSTANCE $VOLUME_ID auto
|
|
||||||
sleep 3
|
|
||||||
sudo mount /dev/disk/by-id/*${VOLUME_ID:0:20} /mnt/volumes/${VOLUME} || exit 1
|
|
||||||
mountpoint -q /mnt/volumes/${VOLUME} || { echo "ERROR: could not mount /mnt/volumes/${VOLUME}, exiting."; exit 1; }
|
|
||||||
fi
|
|
||||||
|
|
||||||
unset VERSION_DOVECOT VERSION_FETCHMAIL VERSION_FEED2IMAP
|
unset VERSION_DOVECOT VERSION_FETCHMAIL VERSION_FEED2IMAP
|
||||||
VERSION_DOVECOT=$(git ls-remote https://git.scimetis.net/yohan/docker-dovecot.git| head -1 | cut -f 1|cut -c -10)
|
VERSION_DOVECOT=$(git ls-remote https://git.scimetis.net/yohan/docker-dovecot.git| head -1 | cut -f 1|cut -c -10)
|
||||||
VERSION_FETCHMAIL=$(git ls-remote https://git.scimetis.net/yohan/docker-fetchmail.git| head -1 | cut -f 1|cut -c -10)
|
VERSION_FETCHMAIL=$(git ls-remote https://git.scimetis.net/yohan/docker-fetchmail.git| head -1 | cut -f 1|cut -c -10)
|
||||||
@ -33,7 +41,7 @@ sudo docker build -t feed2imap:$VERSION_FEED2IMAP ~/build/docker-feed2imap
|
|||||||
VERSION_DOVECOT=$VERSION_DOVECOT \
|
VERSION_DOVECOT=$VERSION_DOVECOT \
|
||||||
VERSION_FETCHMAIL=$VERSION_FETCHMAIL \
|
VERSION_FETCHMAIL=$VERSION_FETCHMAIL \
|
||||||
VERSION_FEED2IMAP=$VERSION_FEED2IMAP \
|
VERSION_FEED2IMAP=$VERSION_FEED2IMAP \
|
||||||
sudo -E bash -c 'docker-compose up -d --force-recreate'
|
sudo -E bash -c 'docker-compose up --no-start --force-recreate'
|
||||||
# --force-recreate is used to recreate container when a file has changed
|
# --force-recreate is used to recreate container when a file has changed
|
||||||
# /!\ We cannot remove the secrets files or restarting the container would become impossible.
|
# /!\ We cannot remove the secrets files or restarting the container would become impossible.
|
||||||
rm -rf ~/build
|
rm -rf ~/build
|
||||||
@ -6,7 +6,6 @@ services:
|
|||||||
image: dovecot:$VERSION_DOVECOT
|
image: dovecot:$VERSION_DOVECOT
|
||||||
#build: "https://git.scimetis.net/yohan/docker-dovecot.git"
|
#build: "https://git.scimetis.net/yohan/docker-dovecot.git"
|
||||||
container_name: dovecot
|
container_name: dovecot
|
||||||
restart: always
|
|
||||||
ports:
|
ports:
|
||||||
- 993:993/tcp
|
- 993:993/tcp
|
||||||
- 4190:4190/tcp
|
- 4190:4190/tcp
|
||||||
@ -22,7 +21,6 @@ services:
|
|||||||
image: fetchmail:$VERSION_FETCHMAIL
|
image: fetchmail:$VERSION_FETCHMAIL
|
||||||
#build: "https://git.scimetis.net/yohan/docker-fetchmail.git"
|
#build: "https://git.scimetis.net/yohan/docker-fetchmail.git"
|
||||||
container_name: fetchmail-orange
|
container_name: fetchmail-orange
|
||||||
restart: always
|
|
||||||
networks:
|
networks:
|
||||||
- mailnet
|
- mailnet
|
||||||
volumes:
|
volumes:
|
||||||
@ -32,7 +30,6 @@ services:
|
|||||||
image: fetchmail:$VERSION_FETCHMAIL
|
image: fetchmail:$VERSION_FETCHMAIL
|
||||||
#build: "https://git.scimetis.net/yohan/docker-fetchmail.git"
|
#build: "https://git.scimetis.net/yohan/docker-fetchmail.git"
|
||||||
container_name: fetchmail-scimetis
|
container_name: fetchmail-scimetis
|
||||||
restart: always
|
|
||||||
networks:
|
networks:
|
||||||
- mailnet
|
- mailnet
|
||||||
volumes:
|
volumes:
|
||||||
@ -42,7 +39,6 @@ services:
|
|||||||
image: feed2imap:$VERSION_FEED2IMAP
|
image: feed2imap:$VERSION_FEED2IMAP
|
||||||
#build: "https://git.scimetis.net/yohan/docker-feed2imap.git"
|
#build: "https://git.scimetis.net/yohan/docker-feed2imap.git"
|
||||||
container_name: feed2imap
|
container_name: feed2imap
|
||||||
restart: always
|
|
||||||
networks:
|
networks:
|
||||||
- mailnet
|
- mailnet
|
||||||
volumes:
|
volumes:
|
||||||
|
|||||||
42
install.sh
Executable file
42
install.sh
Executable file
@ -0,0 +1,42 @@
|
|||||||
|
#!/bin/bash
|
||||||
|
#Absolute path to this script
|
||||||
|
SCRIPT=$(readlink -f $0)
|
||||||
|
#Absolute path this script is in
|
||||||
|
SCRIPTPATH=$(dirname $SCRIPT)
|
||||||
|
STACK=$(basename "$SCRIPTPATH")
|
||||||
|
|
||||||
|
for VOLUME in $(awk NF $SCRIPTPATH/volume_list | tr -d "[:blank:]")
|
||||||
|
do
|
||||||
|
systemctl enable mnt-cinder-volume@${VOLUME}.service
|
||||||
|
done
|
||||||
|
|
||||||
|
cat << EOF > /etc/systemd/system/${STACK}.service
|
||||||
|
[Unit]
|
||||||
|
Description=Starting ${STACK}
|
||||||
|
After=network-online.target firewalld.service docker.service docker.socket
|
||||||
|
Wants=network-online.target docker.service
|
||||||
|
Requires=docker.socket
|
||||||
|
EOF
|
||||||
|
|
||||||
|
for VOLUME in $(awk NF $SCRIPTPATH/volume_list | tr -d "[:blank:]")
|
||||||
|
do
|
||||||
|
cat << EOF >> /etc/systemd/system/${STACK}.service
|
||||||
|
After=mnt-cinder-volume@${VOLUME}.service
|
||||||
|
After=mnt-volumes-${VOLUME}.mount
|
||||||
|
Wants=mnt-cinder-volume@${VOLUME}.service
|
||||||
|
Requires=mnt-volumes-${VOLUME}.mount
|
||||||
|
|
||||||
|
EOF
|
||||||
|
done
|
||||||
|
|
||||||
|
cat << EOF >> /etc/systemd/system/${STACK}.service
|
||||||
|
[Service]
|
||||||
|
Type=oneshot
|
||||||
|
User=$SUDO_USER
|
||||||
|
ExecStart=$SCRIPTPATH/start.sh
|
||||||
|
|
||||||
|
[Install]
|
||||||
|
WantedBy=multi-user.target
|
||||||
|
EOF
|
||||||
|
systemctl daemon-reload
|
||||||
|
systemctl enable ${STACK}.service
|
||||||
8
start.sh
Executable file
8
start.sh
Executable file
@ -0,0 +1,8 @@
|
|||||||
|
#!/bin/bash
|
||||||
|
#Absolute path to this script
|
||||||
|
SCRIPT=$(readlink -f $0)
|
||||||
|
#Absolute path this script is in
|
||||||
|
SCRIPTPATH=$(dirname $SCRIPT)
|
||||||
|
|
||||||
|
cd $SCRIPTPATH
|
||||||
|
sudo docker-compose start
|
||||||
1
volume_list
Normal file
1
volume_list
Normal file
@ -0,0 +1 @@
|
|||||||
|
mail_data
|
||||||
Loading…
Reference in New Issue
Block a user