Mercurial > public > ssdt-docker
changeset 413:4b0c2c7e213b production v2.15.0
flow: Merged <release> '2.15.0' to <master> ('production').
author | Marc Davis <marc.davis@mcoecn.org> |
---|---|
date | Fri, 14 Oct 2022 10:20:38 -0400 (2022-10-14) |
parents | cc2ef015d7e1 (current diff) abeb2f8f6724 (diff) |
children | ff70a9d9571c |
files | |
diffstat | 5 files changed, 294 insertions(+), 0 deletions(-) [+] |
line wrap: on
line diff
--- /dev/null Thu Jan 01 00:00:00 1970 +0000 +++ b/prod/install-itcm-app.sh Fri Oct 14 10:20:38 2022 -0400 @@ -0,0 +1,101 @@ +#!/bin/bash +# +# read required env variables +BASEDIR="$PWD" +source $BASEDIR/.env/itcm-shared.properties +source $BASEDIR/.env/itcm-app.properties +# docker login +echo "Attempting to login to $artifactUrl" +docker login $artifactUrl -u $artifactUser -p $artifactPassword +# docker pull db image +echo "Attempting to pull $artifactUrl/itcm-app:$appVersion" +docker pull $artifactUrl/itcm-app:$appVersion +# +# Builder docker run command based on settings in env files +echo "Building docker run command" +dockerRunCommand="docker run --name $entityId-itcm-app + --restart=unless-stopped + --network $entityId-itcm-net + -e SPRING_DATASOURCE_URL=jdbc:postgresql://$entityId-itcm-db:5432/itcmdb + -e SPRING_DATASOURCE_DRIVER_CLASS_NAME=org.postgresql.Driver + -e SPRING_DATASOURCE_USERNAME=postgres + -e SPRING_DATASOURCE_PASSWORD=$dbPassword + -e SPRING_PROFILES_ACTIVE=prod + -e APPLICATION_ADMIN_PASSWORD=$adminPassword + -e APPLICATION_ADMIN_RESET=$resetAdminPassword + -e JAVA_OPTS=$java_opts" +# +if [ ! -z "$virtualHost" ]; then + dockerRunCommand="$dockerRunCommand -e VIRTUAL_HOST=$virtualHost" +fi +# +if [ ! -z "$virtualPort" ]; then + dockerRunCommand="$dockerRunCommand -e VIRTUAL_PORT=$virtualPort" +fi +# +if [ ! -z "$letsencryptHost" ]; then + dockerRunCommand="$dockerRunCommand -e LETSENCRYPT_HOST=$letsencryptHost" +fi +# +if [ ! -z "$letsencryptEmail" ]; then + dockerRunCommand="$dockerRunCommand -e LETSENCRYPT_EMAIL=$letsencryptEmail" +fi +# +if [ ! -z "$hostPort" ]; then + dockerRunCommand="$dockerRunCommand -p $hostPort" +fi +# +# +if [ ! -z "$duoEnabled" ]; then + echo "Adding Duo Configuration" + dockerRunCommand="$dockerRunCommand + -e SSDT_DUO_ENABLED=$duoEnabled + -e SSDT_DUO_CLIENT_ID=$duoClientId + -e SSDT_DUO_CLIENT_SECRET=$duoClientSecret + -e SSDT_DUO_API_HOSTNAME=$duoApiHostname + -e SSDT_DUO_FAIL_OPEN=$duoFailOpen + -e SSDT_DUO_ITCM_HOST=$duoItcmHost + -e SSDT_DUO_ITCM_PORT=$duoItcmPort + -e SSDT_DUO_ITCM_CONTEXT=$duoItcmContext + -e SSDT_DUO_MINUTES_UNTIL_EXPIRATION=$duoMinutesUntilExpiration" +fi +# +# +if [ ! -z "$ads_config1_enabled" ]; then + echo "Add Window Active Director Configuration 1" + dockerRunCommand="$dockerRunCommand + -e SSDT_ADS_CONFIG1_ENABLED=$ads_config1_enabled + -e SSDT_ADS_CONFIG1_DOMAIN=$ads_config1_domain + -e SSDT_ADS_CONFIG1_LDAP_URL=$ads_config1_ldap_url + -e SSDT_ADS_CONFIG1_ROOT_DN=$ads_config1_root_dn + -e SSDT_ADS_CONFIG1_SEARCH_FILTER=$ads_config1_search_filter" +fi +# +# +if [ ! -z "$ads_config2_enabled" ]; then + echo "Add Window Active Director Configuration 2" + dockerRunCommand="$dockerRunCommand + -e SSDT_ADS_CONFIG2_ENABLED=$ads_config2_enabled + -e SSDT_ADS_CONFIG2_DOMAIN=$ads_config2_domain + -e SSDT_ADS_CONFIG2_LDAP_URL=$ads_config2_ldap_url + -e SSDT_ADS_CONFIG2_ROOT_DN=$ads_config2_root_dn + -e SSDT_ADS_CONFIG2_SEARCH_FILTER=$ads_config2_search_filter" +fi +# +# +if [ ! -z "$ads_config3_enabled" ]; then + echo "Add Window Active Director Configuration 3" + dockerRunCommand="$dockerRunCommand + -e SSDT_ADS_CONFIG3_ENABLED=$ads_config3_enabled + -e SSDT_ADS_CONFIG3_DOMAIN=$ads_config3_domain + -e SSDT_ADS_CONFIG3_LDAP_URL=$ads_config3_ldap_url + -e SSDT_ADS_CONFIG3_ROOT_DN=$ads_config3_root_dn + -e SSDT_ADS_CONFIG3_SEARCH_FILTER=$ads_config3_search_filter" +fi +# +# +dockerRunCommand="$dockerRunCommand -d $artifactUrl/itcm-app:$appVersion" +# +# Execute constructed docker run command to create $entityId-itcm-app container connected to db and docker network +echo "Executing docker run command" +$dockerRunCommand \ No newline at end of file
--- /dev/null Thu Jan 01 00:00:00 1970 +0000 +++ b/prod/install-itcm-db.sh Fri Oct 14 10:20:38 2022 -0400 @@ -0,0 +1,26 @@ +#!/bin/bash +# +# read required env variables +BASEDIR="$PWD" +source $BASEDIR/.env/itcm-shared.properties +source $BASEDIR/.env/itcm-db.properties +# +# docker login +echo "attempting to login to $artifactUrl" +docker login $artifactUrl -u $artifactUser -p $artifactPassword +# docker pull db image +echo "Attempting to pull $artifactUrl/itcm-$dbVersion" +docker pull $artifactUrl/itcm-db:$dbVersion +# +# create itc management specific docker network for $entityId +echo "Attempting to create $entityId-itcm-net docker network" +docker network create $entityId-itcm-net +# docker run itcm-db (data mounted as volume) connected to $entityId-itcm-net docker network +echo "Attempting to execute docker run command" +docker run --name $entityId-itcm-db \ + --restart=unless-stopped \ + --mount source=$entityId-itcm-db,target=/var/lib/postgresql/data \ + --network $entityId-itcm-net \ + -e POSTGRES_DB=itcmdb \ + -e POSTGRES_PASSWORD=$dbPassword \ + -d $artifactUrl/itcm-db:$dbVersion \ No newline at end of file
--- /dev/null Thu Jan 01 00:00:00 1970 +0000 +++ b/prod/update-itcm-app.sh Fri Oct 14 10:20:38 2022 -0400 @@ -0,0 +1,111 @@ +#!/bin/bash +# +# read required env variables +BASEDIR="$PWD" +source $BASEDIR/.env/itcm-shared.properties +source $BASEDIR/.env/itcm-app.properties +# +# docker login +echo "Attempting to login to $artifactUrl" +docker login $artifactUrl -u $artifactUser -p $artifactPassword +# +# docker pull app image +echo "Attempting to pull $artifactUrl/itcm-app:$appVersion" +docker pull $artifactUrl/itcm-app:$appVersion +# +# docker stop itcm app container +echo "Attempting to stop $entityId-itcm-app container" +docker stop $entityId-itcm-app +# +# docker rm itcm app container +echo "Attempting to remove $entityId-itcm-app container" +docker rm $entityId-itcm-app +# +# Builder docker run command based on settings in env files +echo "Building docker run command" +dockerRunCommand="docker run --name $entityId-itcm-app + --restart=unless-stopped + --network $entityId-itcm-net + -e SPRING_DATASOURCE_URL=jdbc:postgresql://$entityId-itcm-db:5432/itcmdb + -e SPRING_DATASOURCE_DRIVER_CLASS_NAME=org.postgresql.Driver + -e SPRING_DATASOURCE_USERNAME=postgres + -e SPRING_DATASOURCE_PASSWORD=$dbPassword + -e SPRING_PROFILES_ACTIVE=prod + -e APPLICATION_ADMIN_PASSWORD=$adminPassword + -e APPLICATION_ADMIN_RESET=$resetAdminPassword + -e JAVA_OPTS=$java_opts" +# +if [ ! -z "$virtualHost" ]; then + dockerRunCommand="$dockerRunCommand -e VIRTUAL_HOST=$virtualHost" +fi +# +if [ ! -z "$virtualPort" ]; then + dockerRunCommand="$dockerRunCommand -e VIRTUAL_PORT=$virtualPort" +fi +# +if [ ! -z "$letsencryptHost" ]; then + dockerRunCommand="$dockerRunCommand -e LETSENCRYPT_HOST=$letsencryptHost" +fi +# +if [ ! -z "$letsencryptEmail" ]; then + dockerRunCommand="$dockerRunCommand -e LETSENCRYPT_EMAIL=$letsencryptEmail" +fi +# +if [ ! -z "$hostPort" ]; then + dockerRunCommand="$dockerRunCommand -p $hostPort" +fi +# +# +if [ ! -z "$duoEnabled" ]; then + echo "Adding Duo Configuration" + dockerRunCommand="$dockerRunCommand + -e SSDT_DUO_ENABLED=$duoEnabled + -e SSDT_DUO_CLIENT_ID=$duoClientId + -e SSDT_DUO_CLIENT_SECRET=$duoClientSecret + -e SSDT_DUO_API_HOSTNAME=$duoApiHostname + -e SSDT_DUO_FAIL_OPEN=$duoFailOpen + -e SSDT_DUO_ITCM_HOST=$duoItcmHost + -e SSDT_DUO_ITCM_PORT=$duoItcmPort + -e SSDT_DUO_ITCM_CONTEXT=$duoItcmContext + -e SSDT_DUO_MINUTES_UNTIL_EXPIRATION=$duoMinutesUntilExpiration" +fi +# +# +if [ ! -z "$ads_config1_enabled" ]; then + echo "Add Window Active Director Configuration 1" + dockerRunCommand="$dockerRunCommand + -e SSDT_ADS_CONFIG1_ENABLED=$ads_config1_enabled + -e SSDT_ADS_CONFIG1_DOMAIN=$ads_config1_domain + -e SSDT_ADS_CONFIG1_LDAP_URL=$ads_config1_ldap_url + -e SSDT_ADS_CONFIG1_ROOT_DN=$ads_config1_root_dn + -e SSDT_ADS_CONFIG1_SEARCH_FILTER=$ads_config1_search_filter" +fi +# +# +if [ ! -z "$ads_config2_enabled" ]; then + echo "Add Window Active Director Configuration 2" + dockerRunCommand="$dockerRunCommand + -e SSDT_ADS_CONFIG2_ENABLED=$ads_config2_enabled + -e SSDT_ADS_CONFIG2_DOMAIN=$ads_config2_domain + -e SSDT_ADS_CONFIG2_LDAP_URL=$ads_config2_ldap_url + -e SSDT_ADS_CONFIG2_ROOT_DN=$ads_config2_root_dn + -e SSDT_ADS_CONFIG2_SEARCH_FILTER=$ads_config2_search_filter" +fi +# +# +if [ ! -z "$ads_config3_enabled" ]; then + echo "Add Window Active Director Configuration 3" + dockerRunCommand="$dockerRunCommand + -e SSDT_ADS_CONFIG3_ENABLED=$ads_config3_enabled + -e SSDT_ADS_CONFIG3_DOMAIN=$ads_config3_domain + -e SSDT_ADS_CONFIG3_LDAP_URL=$ads_config3_ldap_url + -e SSDT_ADS_CONFIG3_ROOT_DN=$ads_config3_root_dn + -e SSDT_ADS_CONFIG3_SEARCH_FILTER=$ads_config3_search_filter" +fi +# +# +dockerRunCommand="$dockerRunCommand -d $artifactUrl/itcm-app:$appVersion" +# +# Execute constructed docker run command to create $entityId-itcm-app container connected to db and docker network +echo "Executing docker run command" +$dockerRunCommand \ No newline at end of file
--- /dev/null Thu Jan 01 00:00:00 1970 +0000 +++ b/scripts/backup-itcm.sh Fri Oct 14 10:20:38 2022 -0400 @@ -0,0 +1,5 @@ +#!/bin/bash + +source "${SSDT_SCRIPTS:-$(dirname "${BASH_SOURCE[0]}")}/.functions.sh" + +${SSDT_SCRIPTS}/backup-container-docker.sh itcmdb ${1} \ No newline at end of file
--- /dev/null Thu Jan 01 00:00:00 1970 +0000 +++ b/scripts/restore-itcm.sh Fri Oct 14 10:20:38 2022 -0400 @@ -0,0 +1,51 @@ +#!/bin/bash + +source "${SSDT_SCRIPTS:-$(dirname "${BASH_SOURCE[0]}")}/.functions.sh" + +sourceFile=${1?must provide backup file to be restored} + +if [ -z "$1" ] +then + echo "Usage: `basename $0` {backup file to restore}" + echo " must specify the name of the file to restore. Assumed to be in format:" + echo " {entityId}-itcm-db.{timestamp}.backup.gz " + exit $E_NOARGS +fi + +function prop { + grep "${1}" .env/itcm-shared.properties|cut -d'=' -f2 +} + +entityId=$(prop 'entityId' | tr -d '"') +dbContainerName="$entityId-itcm-db" +appContainerName="$entityId-itcm-app" +target="itcmdb" + +echo +echo "Preparing to restore" +echo "--------------------" +echo " file: $sourceFile" +echo " to $dbContainerName database: $target" +echo " " +echo "WARNING: This operation will DELETE and replace any exising database" +echo " " + +read -e -p "Continue? <y/N> " answer +case $answer in + y | Y | yes | YES ) answer="y";; + n | N | no | NO ) answer="n";; + *) answer="n" +esac + +if [ "$answer" == "y" ] +then + echo "stopping application service $appContainerName" + docker stop $appContainerName + + echo "copy backup file to database container" + docker cp ${sourceFile} ${dbContainerName}:/tmp/restore.backup.gz + + echo "starting database restore" + docker exec -t -u postgres $dbContainerName sh -c "gunzip -f /tmp/restore.backup.gz -c | psql" + +fi