This repository has been archived on 2022-10-07. You can view files and clone it, but cannot push or open issues or pull requests.
skynet-webportal/setup-scripts/setup-docker-services.sh

55 lines
4.3 KiB
Bash
Raw Normal View History

#! /usr/bin/env bash
set -e # exit on first error
# Install docker (cleans up old docker installation)
# sudo apt-get remove -y docker docker-engine docker.io containerd runc # fails if it is the first installation
sudo apt-get update
sudo apt-get install -y apt-transport-https ca-certificates curl gnupg-agent software-properties-common
curl -fsSL https://download.docker.com/linux/ubuntu/gpg | sudo apt-key add -
sudo add-apt-repository "deb [arch=amd64] https://download.docker.com/linux/debian $(lsb_release -cs) stable"
sudo apt-get update
sudo apt-get install -y docker-ce docker-ce-cli containerd.io
docker --version # sanity check
2020-09-14 13:57:44 +00:00
# add user to docker group to avoid having to use sudo for every docker command
sudo usermod -aG docker user
# Install docker-compose
sudo curl -L "https://github.com/docker/compose/releases/download/1.25.5/docker-compose-$(uname -s)-$(uname -m)" -o /usr/local/bin/docker-compose
sudo chmod +x /usr/local/bin/docker-compose
docker-compose --version # sanity check
# Create dummy .env file for docker-compose usage with variables
2021-08-27 12:15:22 +00:00
# * PORTAL_DOMAIN - (required) is a skynet portal domain (ex. siasky.net)
# * SERVER_DOMAIN - (optional) is an optional direct server domain (ex. eu-ger-1.siasky.net) - leave blank unless it is different than PORTAL_DOMAIN
2021-06-16 13:58:52 +00:00
# * SKYNET_PORTAL_API - absolute url to the portal api ie. https://siasky.net (general portal address)
# * SKYNET_SERVER_API - absolute url to the server api ie. https://eu-ger-1.siasky.net (direct server address, if this is single server portal use the same address as SKYNET_PORTAL_API)
# * SKYNET_DASHBOARD_URL - (optional) absolute url to the portal dashboard ie. https://account.siasky.net
# * EMAIL_ADDRESS - this is the administrator contact email you need to supply for communication regarding SSL certification
# * HSD_API_KEY - this is auto generated secure key for your handshake service integration
Accounts (#554) * stripe env * stripe env * stripe env * allow post * accounts/** * accounts/** * accounts/** * accounts/** * accounts/** * accounts/** * accounts/** * accounts/** * accounts/** * accounts/** * accounts/** * accounts/** * accounts/** * accounts/** * accounts/** * accounts/** * accounts/** * favicon * foo * foo * foo * foo * foo * foo * title * fix dashboard timestamp * payments * payments * payments * payments * payments * payments * payments * payments * payments * payments * payments * payments * payments * payments * payments * payments * payments * payments * payments * payments * payments * payments * prices * Revert "prices" This reverts commit 7071ed4ef4641bc7a7247f2b56ba1159c9606112. * Make sure we don't accidentally commit `kratos.yml`. * Add Oathkeeper access rules for Stripe. * payments * payments * payments * payments * payments * payments * payments * payments * payments * payments * payments * payments * payments * payments * payments * payments * payments * payments * payments * payments * payments * payments * payments * payments * payments * payments * payments * payments * payments * payments * payments * payments * payments * payments * payments * payments * payments * payments * payments * payments * payments * payments * payments * payments * payments * payments * payments * payments * payments * payments * payments * payments * Add `max_breaches` to Kratos's sample config file. * payments * payments * payments * payments * payments * payments * payments * payments * payments * payments * payments * payments * payments * payments * payments * payments * payments * payments * payments * payments * payments * payments * payments * payments * payments * payments * payments * payments * payments * payments * payments * cache .next folder * Use own fork of Kratos's `master` in order to get the fix for the migrations issue. * Don't retry running Kratos migrations. * payments * restart: no * no * no * no * no * no * no * no * no * no * payments * accounts * accounts * accounts * accounts * accounts * accounts * accounts * accounts * accounts * accounts * accounts * accounts * accounts * accounts * accounts * accounts * accounts * accounts * limits * limits * nginx depends on accounts and kratos-migrate depends on cockroach. * upload limit rate * upload limit rate - 2 * upload limit rate - 3 * upload limit rate - 4 * upload limit rate - 5 * upload limit rate - 6 * upload limit rate - 7 * upload limit rate - 8 * upload limit rate - 9 * forgotten password link * use header for skylink * use header for skylink * use header for skylink * use header for skylink * use header for skylink * use header for skylink * use header for skylink * use header for skylink * copy to clipboard * fix ratelimit issue * Allow access to the stripe webhook. * enable allow_promotion_codes * Allow POST on webhook. * Add all env vars accounts need to docker-compose. * Don't use custom port for accounts. * print recovery * recovery sign up link * refactor cors header response * refactor cors header response * do not log unauthorized * fix registration link * settings logging * update node and tailwindcss * move webapp from volume * host 0.0.0.0 * refactor dockerfile * enable accounts * cache public * uncache public * remove cache control * no-cache * no cache * Do not use the person's name for registration. * add verify route * add verify route * add verify route * Go back to using the stock kratos image. * add verify route * fix settings link * clean up verify flow * refactor Dockerfile * Remove first and last name from used traits. * Remove account verification via email. * Allow additional properties. * Cookies and tokens last for 30 days now. * Rename secure.siasky.net to account.siasky.net. * redirect secure to account Co-authored-by: Ivaylo Novakov <inovakov@gmail.com> Co-authored-by: Ivaylo Novakov <ro-tex@users.noreply.github.com>
2021-04-01 13:15:37 +00:00
# * CLOUDFLARE_AUTH_TOKEN - (optional) if using cloudflare as dns loadbalancer (need to change it in Caddyfile too)
# * AWS_ACCESS_KEY_ID - (optional) if using route53 as a dns loadbalancer
# * AWS_SECRET_ACCESS_KEY - (optional) if using route53 as a dns loadbalancer
# * API_PORT - (optional) the port on which siad is listening, defaults to 9980
2021-06-17 11:45:53 +00:00
# * PORTAL_NAME - a string representing name of your portal e.g. `siasky.xyz` or `my skynet portal` (internal use only)
# * DISCORD_WEBHOOK_URL - (required if using Discord notifications) discord webhook url (generate from discord app)
# * DISCORD_MENTION_USER_ID - (optional) add `/cc @user` mention to important messages from webhook (has to be id not user name)
# * DISCORD_MENTION_ROLE_ID - (optional) add `/cc @role` mention to important messages from webhook (has to be id not role name)
Accounts (#554) * stripe env * stripe env * stripe env * allow post * accounts/** * accounts/** * accounts/** * accounts/** * accounts/** * accounts/** * accounts/** * accounts/** * accounts/** * accounts/** * accounts/** * accounts/** * accounts/** * accounts/** * accounts/** * accounts/** * accounts/** * favicon * foo * foo * foo * foo * foo * foo * title * fix dashboard timestamp * payments * payments * payments * payments * payments * payments * payments * payments * payments * payments * payments * payments * payments * payments * payments * payments * payments * payments * payments * payments * payments * payments * prices * Revert "prices" This reverts commit 7071ed4ef4641bc7a7247f2b56ba1159c9606112. * Make sure we don't accidentally commit `kratos.yml`. * Add Oathkeeper access rules for Stripe. * payments * payments * payments * payments * payments * payments * payments * payments * payments * payments * payments * payments * payments * payments * payments * payments * payments * payments * payments * payments * payments * payments * payments * payments * payments * payments * payments * payments * payments * payments * payments * payments * payments * payments * payments * payments * payments * payments * payments * payments * payments * payments * payments * payments * payments * payments * payments * payments * payments * payments * payments * payments * Add `max_breaches` to Kratos's sample config file. * payments * payments * payments * payments * payments * payments * payments * payments * payments * payments * payments * payments * payments * payments * payments * payments * payments * payments * payments * payments * payments * payments * payments * payments * payments * payments * payments * payments * payments * payments * payments * cache .next folder * Use own fork of Kratos's `master` in order to get the fix for the migrations issue. * Don't retry running Kratos migrations. * payments * restart: no * no * no * no * no * no * no * no * no * no * payments * accounts * accounts * accounts * accounts * accounts * accounts * accounts * accounts * accounts * accounts * accounts * accounts * accounts * accounts * accounts * accounts * accounts * accounts * limits * limits * nginx depends on accounts and kratos-migrate depends on cockroach. * upload limit rate * upload limit rate - 2 * upload limit rate - 3 * upload limit rate - 4 * upload limit rate - 5 * upload limit rate - 6 * upload limit rate - 7 * upload limit rate - 8 * upload limit rate - 9 * forgotten password link * use header for skylink * use header for skylink * use header for skylink * use header for skylink * use header for skylink * use header for skylink * use header for skylink * use header for skylink * copy to clipboard * fix ratelimit issue * Allow access to the stripe webhook. * enable allow_promotion_codes * Allow POST on webhook. * Add all env vars accounts need to docker-compose. * Don't use custom port for accounts. * print recovery * recovery sign up link * refactor cors header response * refactor cors header response * do not log unauthorized * fix registration link * settings logging * update node and tailwindcss * move webapp from volume * host 0.0.0.0 * refactor dockerfile * enable accounts * cache public * uncache public * remove cache control * no-cache * no cache * Do not use the person's name for registration. * add verify route * add verify route * add verify route * Go back to using the stock kratos image. * add verify route * fix settings link * clean up verify flow * refactor Dockerfile * Remove first and last name from used traits. * Remove account verification via email. * Allow additional properties. * Cookies and tokens last for 30 days now. * Rename secure.siasky.net to account.siasky.net. * redirect secure to account Co-authored-by: Ivaylo Novakov <inovakov@gmail.com> Co-authored-by: Ivaylo Novakov <ro-tex@users.noreply.github.com>
2021-04-01 13:15:37 +00:00
# * SKYNET_DB_USER - (optional) if using `accounts` this is the MongoDB username
# * SKYNET_DB_PASS - (optional) if using `accounts` this is the MongoDB password
# * SKYNET_DB_HOST - (optional) if using `accounts` this is the MongoDB address or container name
# * SKYNET_DB_PORT - (optional) if using `accounts` this is the MongoDB port
# * COOKIE_DOMAIN - (optional) if using `accounts` this is the domain to which your cookies will be issued
# * COOKIE_HASH_KEY - (optional) if using `accounts` hashing secret, at least 32 bytes
# * COOKIE_ENC_KEY - (optional) if using `accounts` encryption key, at least 32 bytes
# * CR_IP - (optional) if using `accounts` the public IP/domain of your server, e.g. `helsinki.siasky.net`
# * CR_CLUSTER_NODES - (optional) if using `accounts` the list of servers (with ports) which make up your CockroachDB cluster, e.g. `helsinki.siasky.net:26257,germany.siasky.net:26257,us-east.siasky.net:26257`
if ! [ -f /home/user/skynet-webportal/.env ]; then
2020-07-27 09:30:55 +00:00
HSD_API_KEY=$(openssl rand -base64 32) # generate safe random key for handshake
2021-08-27 12:15:22 +00:00
printf "PORTAL_DOMAIN=siasky.net\nSERVER_DOMAIN=\nSKYNET_PORTAL_API=https://siasky.net\nSKYNET_SERVER_API=https://eu-dc-1.siasky.net\nSKYNET_DASHBOARD_URL=https://account.example.com\nEMAIL_ADDRESS=email@example.com\nSIA_WALLET_PASSWORD=\nHSD_API_KEY=${HSD_API_KEY}\nCLOUDFLARE_AUTH_TOKEN=\nAWS_ACCESS_KEY_ID=\nAWS_SECRET_ACCESS_KEY=\nPORTAL_NAME=\DISCORD_WEBHOOK_URL=\nDISCORD_MENTION_USER_ID=\nDISCORD_MENTION_ROLE_ID=\n" > /home/user/skynet-webportal/.env
fi
2020-07-08 12:49:06 +00:00
# Start docker container with nginx and client
docker-compose -f docker-compose.yml up --build -d