changeset 408:e49038cbb14c

Add scripts for ITC Management application
author Marc Davis <marc.davis@mcoecn.org>
date Mon, 10 Oct 2022 14:32:06 -0400 (2022-10-10)
parents 4e35cb59f86c
children c059e112e719
files prod/backup-itcm.sh prod/install-itcm-app.sh prod/install-itcm-db.sh prod/restore-itcm.sh prod/update-itcm-app.sh
diffstat 5 files changed, 294 insertions(+), 0 deletions(-) [+]
line wrap: on
line diff
--- /dev/null	Thu Jan 01 00:00:00 1970 +0000
+++ b/prod/backup-itcm.sh	Mon Oct 10 14:32:06 2022 -0400
@@ -0,0 +1,5 @@
+#!/bin/bash
+
+source "${SSDT_SCRIPTS:-$(dirname "${BASH_SOURCE[0]}")}/.functions.sh"
+
+${SSDT_SCRIPTS}/backup-container-docker.sh itcmdb ${1}
\ No newline at end of file
--- /dev/null	Thu Jan 01 00:00:00 1970 +0000
+++ b/prod/install-itcm-app.sh	Mon Oct 10 14:32:06 2022 -0400
@@ -0,0 +1,101 @@
+#!/bin/bash
+#
+# read required env variables
+BASEDIR="$PWD"
+source $BASEDIR/.env/itcm-shared.properties
+source $BASEDIR/.env/itcm-app.properties
+# docker login
+echo "Attempting to login to $artifactUrl"
+docker login $artifactUrl -u $artifactUser -p $artifactPassword
+# docker pull db image
+echo "Attempting to pull $artifactUrl/itcm-app:$appVersion"
+docker pull $artifactUrl/itcm-app:$appVersion
+#
+# Builder docker run command based on settings in env files
+echo "Building docker run command"
+dockerRunCommand="docker run --name $entityId-itcm-app
+  --restart=unless-stopped
+  --network $entityId-itcm-net
+  -e SPRING_DATASOURCE_URL=jdbc:postgresql://$entityId-itcm-db:5432/itcmdb
+  -e SPRING_DATASOURCE_DRIVER_CLASS_NAME=org.postgresql.Driver
+  -e SPRING_DATASOURCE_USERNAME=postgres
+  -e SPRING_DATASOURCE_PASSWORD=$dbPassword
+  -e SPRING_PROFILES_ACTIVE=prod 
+  -e APPLICATION_ADMIN_PASSWORD=$adminPassword
+  -e APPLICATION_ADMIN_RESET=$resetAdminPassword
+  -e JAVA_OPTS=$java_opts"
+#
+if [ ! -z "$virtualHost" ]; then
+    dockerRunCommand="$dockerRunCommand -e VIRTUAL_HOST=$virtualHost"
+fi
+#
+if [ ! -z "$virtualPort" ]; then
+    dockerRunCommand="$dockerRunCommand -e VIRTUAL_PORT=$virtualPort"
+fi
+#
+if [ ! -z "$letsencryptHost" ]; then
+    dockerRunCommand="$dockerRunCommand -e LETSENCRYPT_HOST=$letsencryptHost"
+fi
+#
+if [ ! -z "$letsencryptEmail" ]; then
+    dockerRunCommand="$dockerRunCommand -e LETSENCRYPT_EMAIL=$letsencryptEmail"
+fi
+#
+if [ ! -z "$hostPort" ]; then
+    dockerRunCommand="$dockerRunCommand -p $hostPort"
+fi
+#
+#
+if [ ! -z "$duoEnabled" ]; then
+    echo "Adding Duo Configuration"
+    dockerRunCommand="$dockerRunCommand 
+        -e SSDT_DUO_ENABLED=$duoEnabled 
+        -e SSDT_DUO_CLIENT_ID=$duoClientId 
+        -e SSDT_DUO_CLIENT_SECRET=$duoClientSecret 
+        -e SSDT_DUO_API_HOSTNAME=$duoApiHostname 
+        -e SSDT_DUO_FAIL_OPEN=$duoFailOpen 
+        -e SSDT_DUO_ITCM_HOST=$duoItcmHost 
+        -e SSDT_DUO_ITCM_PORT=$duoItcmPort 
+        -e SSDT_DUO_ITCM_CONTEXT=$duoItcmContext 
+        -e SSDT_DUO_MINUTES_UNTIL_EXPIRATION=$duoMinutesUntilExpiration"
+fi
+#
+#
+if [ ! -z "$ads_config1_enabled" ]; then
+    echo "Add Window Active Director Configuration 1"
+    dockerRunCommand="$dockerRunCommand 
+    -e SSDT_ADS_CONFIG1_ENABLED=$ads_config1_enabled 
+    -e SSDT_ADS_CONFIG1_DOMAIN=$ads_config1_domain 
+    -e SSDT_ADS_CONFIG1_LDAP_URL=$ads_config1_ldap_url 
+    -e SSDT_ADS_CONFIG1_ROOT_DN=$ads_config1_root_dn 
+    -e SSDT_ADS_CONFIG1_SEARCH_FILTER=$ads_config1_search_filter"
+fi
+#
+#
+if [ ! -z "$ads_config2_enabled" ]; then
+    echo "Add Window Active Director Configuration 2"
+    dockerRunCommand="$dockerRunCommand 
+    -e SSDT_ADS_CONFIG2_ENABLED=$ads_config2_enabled 
+    -e SSDT_ADS_CONFIG2_DOMAIN=$ads_config2_domain 
+    -e SSDT_ADS_CONFIG2_LDAP_URL=$ads_config2_ldap_url 
+    -e SSDT_ADS_CONFIG2_ROOT_DN=$ads_config2_root_dn 
+    -e SSDT_ADS_CONFIG2_SEARCH_FILTER=$ads_config2_search_filter"
+fi
+#
+#
+if [ ! -z "$ads_config3_enabled" ]; then
+    echo "Add Window Active Director Configuration 3"
+    dockerRunCommand="$dockerRunCommand 
+    -e SSDT_ADS_CONFIG3_ENABLED=$ads_config3_enabled 
+    -e SSDT_ADS_CONFIG3_DOMAIN=$ads_config3_domain 
+    -e SSDT_ADS_CONFIG3_LDAP_URL=$ads_config3_ldap_url 
+    -e SSDT_ADS_CONFIG3_ROOT_DN=$ads_config3_root_dn 
+    -e SSDT_ADS_CONFIG3_SEARCH_FILTER=$ads_config3_search_filter"
+fi
+#
+#
+dockerRunCommand="$dockerRunCommand -d $artifactUrl/itcm-app:$appVersion"
+#
+# Execute constructed docker run command to create $entityId-itcm-app container connected to db and docker network
+echo "Executing docker run command"
+$dockerRunCommand
\ No newline at end of file
--- /dev/null	Thu Jan 01 00:00:00 1970 +0000
+++ b/prod/install-itcm-db.sh	Mon Oct 10 14:32:06 2022 -0400
@@ -0,0 +1,26 @@
+#!/bin/bash
+#
+# read required env variables
+BASEDIR="$PWD"
+source $BASEDIR/.env/itcm-shared.properties
+source $BASEDIR/.env/itcm-db.properties
+#
+# docker login
+echo "attempting to login to $artifactUrl"
+docker login $artifactUrl -u $artifactUser -p $artifactPassword
+# docker pull db image
+echo "Attempting to pull $artifactUrl/itcm-$dbVersion"
+docker pull $artifactUrl/itcm-db:$dbVersion
+#
+# create itc management specific docker network for $entityId
+echo "Attempting to create $entityId-itcm-net docker network"
+docker network create $entityId-itcm-net
+# docker run itcm-db (data mounted as volume) connected to $entityId-itcm-net docker network
+echo "Attempting to execute docker run command"
+docker run --name $entityId-itcm-db \
+           --restart=unless-stopped \
+           --mount source=$entityId-itcm-db,target=/var/lib/postgresql/data \
+           --network $entityId-itcm-net \
+           -e POSTGRES_DB=itcmdb \
+           -e POSTGRES_PASSWORD=$dbPassword \
+           -d $artifactUrl/itcm-db:$dbVersion
\ No newline at end of file
--- /dev/null	Thu Jan 01 00:00:00 1970 +0000
+++ b/prod/restore-itcm.sh	Mon Oct 10 14:32:06 2022 -0400
@@ -0,0 +1,51 @@
+#!/bin/bash
+
+source "${SSDT_SCRIPTS:-$(dirname "${BASH_SOURCE[0]}")}/.functions.sh"
+
+sourceFile=${1?must provide backup file to be restored}
+
+if [ -z "$1" ]
+then
+  echo "Usage: `basename $0` {backup file to restore}"
+  echo " must specify the name of the file to restore.  Assumed to be in format:"
+  echo "     {entityId}-itcm-db.{timestamp}.backup.gz  "
+  exit $E_NOARGS
+fi
+
+function prop {
+   grep "${1}" .env/itcm-shared.properties|cut -d'=' -f2
+}
+
+entityId=$(prop 'entityId' | tr -d '"')
+dbContainerName="$entityId-itcm-db"
+appContainerName="$entityId-itcm-app"
+target="itcmdb"
+
+echo 
+echo "Preparing to restore"
+echo "--------------------"
+echo "   file: $sourceFile"
+echo "   to    $dbContainerName database: $target"
+echo " "
+echo "WARNING:  This operation will DELETE and replace any exising database"
+echo " "
+
+read -e -p "Continue? <y/N> " answer
+case $answer in
+     y | Y | yes | YES ) answer="y";;
+     n | N | no | NO ) answer="n";;
+     *) answer="n"
+esac
+
+if [ "$answer" == "y" ] 
+then
+  echo "stopping application service $appContainerName"
+  docker stop $appContainerName
+ 
+  echo "copy backup file to database container"
+  docker cp ${sourceFile} ${dbContainerName}:/tmp/restore.backup.gz
+
+  echo "starting database restore"
+  docker exec -t -u postgres $dbContainerName sh -c "gunzip -f /tmp/restore.backup.gz -c | psql"
+
+fi
--- /dev/null	Thu Jan 01 00:00:00 1970 +0000
+++ b/prod/update-itcm-app.sh	Mon Oct 10 14:32:06 2022 -0400
@@ -0,0 +1,111 @@
+#!/bin/bash
+#
+# read required env variables
+BASEDIR="$PWD"
+source $BASEDIR/.env/itcm-shared.properties
+source $BASEDIR/.env/itcm-app.properties
+#
+# docker login
+echo "Attempting to login to $artifactUrl"
+docker login $artifactUrl -u $artifactUser -p $artifactPassword
+#
+# docker pull app image
+echo "Attempting to pull $artifactUrl/itcm-app:$appVersion"
+docker pull $artifactUrl/itcm-app:$appVersion
+#
+# docker stop itcm app container
+echo "Attempting to stop $entityId-itcm-app container"
+docker stop $entityId-itcm-app
+#
+# docker rm itcm app container
+echo "Attempting to remove $entityId-itcm-app container"
+docker rm $entityId-itcm-app
+#
+# Builder docker run command based on settings in env files
+echo "Building docker run command"
+dockerRunCommand="docker run --name $entityId-itcm-app
+  --restart=unless-stopped
+  --network $entityId-itcm-net
+  -e SPRING_DATASOURCE_URL=jdbc:postgresql://$entityId-itcm-db:5432/itcmdb
+  -e SPRING_DATASOURCE_DRIVER_CLASS_NAME=org.postgresql.Driver
+  -e SPRING_DATASOURCE_USERNAME=postgres
+  -e SPRING_DATASOURCE_PASSWORD=$dbPassword
+  -e SPRING_PROFILES_ACTIVE=prod 
+  -e APPLICATION_ADMIN_PASSWORD=$adminPassword
+  -e APPLICATION_ADMIN_RESET=$resetAdminPassword
+  -e JAVA_OPTS=$java_opts"
+#
+if [ ! -z "$virtualHost" ]; then
+    dockerRunCommand="$dockerRunCommand -e VIRTUAL_HOST=$virtualHost"
+fi
+#
+if [ ! -z "$virtualPort" ]; then
+    dockerRunCommand="$dockerRunCommand -e VIRTUAL_PORT=$virtualPort"
+fi
+#
+if [ ! -z "$letsencryptHost" ]; then
+    dockerRunCommand="$dockerRunCommand -e LETSENCRYPT_HOST=$letsencryptHost"
+fi
+#
+if [ ! -z "$letsencryptEmail" ]; then
+    dockerRunCommand="$dockerRunCommand -e LETSENCRYPT_EMAIL=$letsencryptEmail"
+fi
+#
+if [ ! -z "$hostPort" ]; then
+    dockerRunCommand="$dockerRunCommand -p $hostPort"
+fi
+#
+#
+if [ ! -z "$duoEnabled" ]; then
+    echo "Adding Duo Configuration"
+    dockerRunCommand="$dockerRunCommand 
+        -e SSDT_DUO_ENABLED=$duoEnabled 
+        -e SSDT_DUO_CLIENT_ID=$duoClientId 
+        -e SSDT_DUO_CLIENT_SECRET=$duoClientSecret 
+        -e SSDT_DUO_API_HOSTNAME=$duoApiHostname 
+        -e SSDT_DUO_FAIL_OPEN=$duoFailOpen 
+        -e SSDT_DUO_ITCM_HOST=$duoItcmHost 
+        -e SSDT_DUO_ITCM_PORT=$duoItcmPort 
+        -e SSDT_DUO_ITCM_CONTEXT=$duoItcmContext 
+        -e SSDT_DUO_MINUTES_UNTIL_EXPIRATION=$duoMinutesUntilExpiration"
+fi
+#
+#
+if [ ! -z "$ads_config1_enabled" ]; then
+    echo "Add Window Active Director Configuration 1"
+    dockerRunCommand="$dockerRunCommand 
+    -e SSDT_ADS_CONFIG1_ENABLED=$ads_config1_enabled 
+    -e SSDT_ADS_CONFIG1_DOMAIN=$ads_config1_domain 
+    -e SSDT_ADS_CONFIG1_LDAP_URL=$ads_config1_ldap_url 
+    -e SSDT_ADS_CONFIG1_ROOT_DN=$ads_config1_root_dn 
+    -e SSDT_ADS_CONFIG1_SEARCH_FILTER=$ads_config1_search_filter"
+fi
+#
+#
+if [ ! -z "$ads_config2_enabled" ]; then
+    echo "Add Window Active Director Configuration 2"
+    dockerRunCommand="$dockerRunCommand 
+    -e SSDT_ADS_CONFIG2_ENABLED=$ads_config2_enabled 
+    -e SSDT_ADS_CONFIG2_DOMAIN=$ads_config2_domain 
+    -e SSDT_ADS_CONFIG2_LDAP_URL=$ads_config2_ldap_url 
+    -e SSDT_ADS_CONFIG2_ROOT_DN=$ads_config2_root_dn 
+    -e SSDT_ADS_CONFIG2_SEARCH_FILTER=$ads_config2_search_filter"
+fi
+#
+#
+if [ ! -z "$ads_config3_enabled" ]; then
+    echo "Add Window Active Director Configuration 3"
+    dockerRunCommand="$dockerRunCommand 
+    -e SSDT_ADS_CONFIG3_ENABLED=$ads_config3_enabled 
+    -e SSDT_ADS_CONFIG3_DOMAIN=$ads_config3_domain 
+    -e SSDT_ADS_CONFIG3_LDAP_URL=$ads_config3_ldap_url 
+    -e SSDT_ADS_CONFIG3_ROOT_DN=$ads_config3_root_dn 
+    -e SSDT_ADS_CONFIG3_SEARCH_FILTER=$ads_config3_search_filter"
+fi
+#
+#
+dockerRunCommand="$dockerRunCommand -d $artifactUrl/itcm-app:$appVersion"
+#
+# Execute constructed docker run command to create $entityId-itcm-app container connected to db and docker network
+echo "Executing docker run command"
+$dockerRunCommand
\ No newline at end of file