Mercurial > public > ssdt-docker
changeset 608:5cb80996e4d5 tip
fix name of ipdp install, add backup/restore/update scripts
| author | Justin Kleinknecht <justin.kleinknecht@mcoecn.org> |
|---|---|
| date | Tue, 01 Jul 2025 21:00:04 +0100 |
| parents | 3ec3180d23a4 |
| children | |
| files | prod/install-ipdp-app.sh prod/update-ipdp-app.sh scripts/backup-ipdp.sh scripts/restore-ipdp.sh |
| diffstat | 4 files changed, 259 insertions(+), 0 deletions(-) [+] |
line wrap: on
line diff
--- /dev/null Thu Jan 01 00:00:00 1970 +0000 +++ b/prod/install-ipdp-app.sh Tue Jul 01 21:00:04 2025 +0100 @@ -0,0 +1,64 @@ +#!/bin/bash +# +# Copyright (c) 2025. Ohio Department of Education. - All Rights Reserved. +# Unauthorized copying of this file, in any medium, is strictly prohibited. +# Written by the State Software Development Team (http://ssdt.oecn.k12.oh.us/) +# +# + +# +# read required env variables +BASEDIR="$PWD" +source $BASEDIR/.env/ipdp-shared.properties +source $BASEDIR/.env/ipdp-app.properties +# docker login +echo "Attempting to login to $artifactUrl" +docker login $artifactUrl -u $artifactUser -p $artifactPassword +# docker pull db image +echo "Attempting to pull $artifactUrl/ipdp-app:$appVersion" +docker pull $artifactUrl/ipdp-app:$appVersion +# +# Builder docker run command based on settings in env files +echo "Building docker run command" +dockerRunCommand="docker run --name $entityId-ipdp-app + --restart=unlipdp-stopped + --network $entityId-ipdp-net + -e SPRING_DATASOURCE_URL=jdbc:postgresql://$entityId-ipdp-db:5432/ipdpdb + -e SPRING_DATASOURCE_DRIVER_CLASS_NAME=org.postgresql.Driver + -e SPRING_DATASOURCE_USERNAME=postgres + -e SPRING_DATASOURCE_PASSWORD=$dbPassword + -e SPRING_PROFILES_ACTIVE=prod + -e APPLICATION_ADMIN_PASSWORD=$adminPassword + -e APPLICATION_ADMIN_RESET=$resetAdminPassword + -e USPS_CONFIGURATION_HOST=$uspsHost + -e USPS_CONFIGURATION_PORT=$uspsPort + -e USPS_CONFIGURATION_APIKEY=$uspsApiKey + -e USPS_CONFIGURATION_REMOTEAPIKEY=$uspsRemoteApiKey + -e USPS_CONFIGURATION_CONTEXT=$uspsContext + -e JAVA_OPTS=$java_opts" +# +if [ ! -z "$virtualHost" ]; then + dockerRunCommand="$dockerRunCommand -e VIRTUAL_HOST=$virtualHost" +fi +# +if [ ! -z "$virtualPort" ]; then + dockerRunCommand="$dockerRunCommand -e VIRTUAL_PORT=$virtualPort" +fi +# +if [ ! -z "$letsencryptHost" ]; then + dockerRunCommand="$dockerRunCommand -e LETSENCRYPT_HOST=$letsencryptHost" +fi +# +if [ ! -z "$letsencryptEmail" ]; then + dockerRunCommand="$dockerRunCommand -e LETSENCRYPT_EMAIL=$letsencryptEmail" +fi +# +if [ ! -z "$hostPort" ]; then + dockerRunCommand="$dockerRunCommand -p $hostPort" +fi +# +dockerRunCommand="$dockerRunCommand -d $artifactUrl/ipdp-app:$appVersion" +# +# Execute constructed docker run command to create $entityId-ipdp-app container connected to db and docker network +echo "Executing docker run command" +$dockerRunCommand
--- /dev/null Thu Jan 01 00:00:00 1970 +0000 +++ b/prod/update-ipdp-app.sh Tue Jul 01 21:00:04 2025 +0100 @@ -0,0 +1,139 @@ +#!/bin/bash +# +# read required env variables +BASEDIR="$PWD" +source $BASEDIR/.env/ipdp-shared.properties +source $BASEDIR/.env/ipdp-app.properties +# +# docker login +echo "Attempting to login to $artifactUrl" +docker login $artifactUrl -u $artifactUser -p $artifactPassword +# +# docker pull app image +echo "Attempting to pull $artifactUrl/ipdp-app:$appVersion" +docker pull $artifactUrl/ipdp-app:$appVersion +# +# docker stop ipdp app container +echo "Attempting to stop $entityId-ipdp-app container" +docker stop $entityId-ipdp-app +# +# docker rm ipdp app container +echo "Attempting to remove $entityId-ipdp-app container" +docker rm $entityId-ipdp-app +# +# Builder docker run command based on settings in env files +echo "Building docker run command" +dockerRunCommand="docker run --name $entityId-ipdp-app + --restart=unlipdp-stopped + --network $entityId-ipdp-net + -e SPRING_DATASOURCE_URL=jdbc:postgresql://$entityId-ipdp-db:5432/ipdpdb + -e SPRING_DATASOURCE_DRIVER_CLASS_NAME=org.postgresql.Driver + -e SPRING_DATASOURCE_USERNAME=postgres + -e SPRING_DATASOURCE_PASSWORD=$dbPassword + -e SPRING_PROFILES_ACTIVE=prod + -e APPLICATION_ADMIN_PASSWORD=$adminPassword + -e APPLICATION_ADMIN_RESET=$resetAdminPassword + -e USPS_CONFIGURATION_HOST=$uspsHost + -e USPS_CONFIGURATION_PORT=$uspsPort + -e USPS_CONFIGURATION_APIKEY=$uspsApiKey + -e USPS_CONFIGURATION_REMOTEAPIKEY=$uspsRemoteApiKey + -e WORKFLOWS_CONFIGURATION_HOST=$workflowsHost + -e WORKFLOWS_CONFIGURATION_PORT=$workflowsPort + -e WORKFLOWS_CONFIGURATION_API_KEY=$workflowsApiKey + -e WORKFLOWS_CONFIGURATION_REMOTE_API_KEY=$workflowsRemoteApiKey + -e JAVA_OPTS=$java_opts" +# +if [ ! -z "$virtualHost" ]; then + dockerRunCommand="$dockerRunCommand -e VIRTUAL_HOST=$virtualHost" +fi +# +if [ ! -z "$virtualPort" ]; then + dockerRunCommand="$dockerRunCommand -e VIRTUAL_PORT=$virtualPort" +fi +# +if [ ! -z "$letsencryptHost" ]; then + dockerRunCommand="$dockerRunCommand -e LETSENCRYPT_HOST=$letsencryptHost" +fi +# +if [ ! -z "$letsencryptEmail" ]; then + dockerRunCommand="$dockerRunCommand -e LETSENCRYPT_EMAIL=$letsencryptEmail" +fi +# +if [ ! -z "$hostPort" ]; then + dockerRunCommand="$dockerRunCommand -p $hostPort" +fi +# +# +if [ ! -z "$duoEnabled" ]; then + echo "Adding Duo Configuration" + dockerRunCommand="$dockerRunCommand + -e DUO_ENABLED=$duoEnabled + -e DUO_CLIENT_ID=$duoClientId + -e DUO_CLIENT_SECRET=$duoClientSecret + -e DUO_API_HOSTNAME=$duoApiHostname + -e DUO_FAIL_OPEN=$duoFailOpen + -e DUO_ESS_HOST=$duoipdpHost + -e DUO_ESS_PORT=$duoipdpPort + -e DUO_ESS_CONTEXT=$duoipdpContext + -e DUO_MINUTES_UNTIL_EXPIRATION=$duoMinutesUntilExpiration" +fi +# +# +if [ ! -z "$miniOrangeEnabled" ]; then + echo "Adding MiniOrange Configuration" + dockerRunCommand="$dockerRunCommand + -e MINI_ORANGE_ENABLED=$miniOrangeEnabled + -e MINI_ORANGE_CLIENT_ID=$miniOrangeClientId + -e MINI_ORANGE_CLIENT_SECRET=$miniOrangeClientSecret + -e MINI_ORANGE_API_HOSTNAME=$miniOrangeApiHostname + -e MINI_ORANGE_FAIL_OPEN=$miniOrangeFailOpen + -e MINI_ORANGE_APP_HOST=$miniOrangeipdpHost + -e MINI_ORANGE_MINUTES_UNTIL_EXPIRATION=$miniOrangeMinutesUntilExpiration" +fi +# +# +if [ ! -z "$ads_config1_enabled" ]; then + echo "Add Window Active Director Configuration 1" + dockerRunCommand="$dockerRunCommand + -e SSDT_ADS_CONFIG1_ENABLED=$ads_config1_enabled + -e SSDT_ADS_CONFIG1_DOMAIN=$ads_config1_domain + -e SSDT_ADS_CONFIG1_LDAP_URL=$ads_config1_ldap_url + -e SSDT_ADS_CONFIG1_ROOT_DN=$ads_config1_root_dn + -e SSDT_ADS_CONFIG1_SEARCH_FILTER=$ads_config1_search_filter" +fi +# +# +if [ ! -z "$ads_config2_enabled" ]; then + echo "Add Window Active Director Configuration 2" + dockerRunCommand="$dockerRunCommand + -e SSDT_ADS_CONFIG2_ENABLED=$ads_config2_enabled + -e SSDT_ADS_CONFIG2_DOMAIN=$ads_config2_domain + -e SSDT_ADS_CONFIG2_LDAP_URL=$ads_config2_ldap_url + -e SSDT_ADS_CONFIG2_ROOT_DN=$ads_config2_root_dn + -e SSDT_ADS_CONFIG2_SEARCH_FILTER=$ads_config2_search_filter" +fi +# +# +if [ ! -z "$ads_config3_enabled" ]; then + echo "Add Window Active Director Configuration 3" + dockerRunCommand="$dockerRunCommand + -e SSDT_ADS_CONFIG3_ENABLED=$ads_config3_enabled + -e SSDT_ADS_CONFIG3_DOMAIN=$ads_config3_domain + -e SSDT_ADS_CONFIG3_LDAP_URL=$ads_config3_ldap_url + -e SSDT_ADS_CONFIG3_ROOT_DN=$ads_config3_root_dn + -e SSDT_ADS_CONFIG3_SEARCH_FILTER=$ads_config3_search_filter" +fi +# +# +support_instance=${support_instance:-false} +if [ "$support_instance" = "true" ]; then + echo "Setting application instance type to Support" + dockerRunCommand="$dockerRunCommand -e APPLICATION_INSTANCE_TYPE=Support" +fi +# +# +dockerRunCommand="$dockerRunCommand -d $artifactUrl/ipdp-app:$appVersion" +# +# Execute constructed docker run command to create $entityId-ipdp-app container connected to db and docker network +echo "Executing docker run command" +$dockerRunCommand
--- /dev/null Thu Jan 01 00:00:00 1970 +0000 +++ b/scripts/backup-ipdp.sh Tue Jul 01 21:00:04 2025 +0100 @@ -0,0 +1,5 @@ +#!/bin/bash + +source "${SSDT_SCRIPTS:-$(dirname "${BASH_SOURCE[0]}")}/.functions.sh" + +${SSDT_SCRIPTS}/backup-container-docker.sh ipdpdb ${1}
--- /dev/null Thu Jan 01 00:00:00 1970 +0000 +++ b/scripts/restore-ipdp.sh Tue Jul 01 21:00:04 2025 +0100 @@ -0,0 +1,51 @@ +#!/bin/bash + +source "${SSDT_SCRIPTS:-$(dirname "${BASH_SOURCE[0]}")}/.functions.sh" + +sourceFile=${1?must provide backup file to be restored} + +if [ -z "$1" ] +then + echo "Usage: `basename $0` {backup file to restore}" + echo " must specify the name of the file to restore. Assumed to be in format:" + echo " {entityId}-ipdp-db.{timestamp}.backup.gz " + exit $E_NOARGS +fi + +function prop { + grep "${1}" .env/ipdp-shared.properties|cut -d'=' -f2 +} + +entityId=$(prop 'entityId' | tr -d '"') +dbContainerName="$entityId-ipdp-db" +appContainerName="$entityId-ipdp-app" +target="ipdpdb" + +echo +echo "Preparing to restore" +echo "--------------------" +echo " file: $sourceFile" +echo " to $dbContainerName database: $target" +echo " " +echo "WARNING: This operation will DELETE and replace any exising database" +echo " " + +read -e -p "Continue? <y/N> " answer +case $answer in + y | Y | yes | YES ) answer="y";; + n | N | no | NO ) answer="n";; + *) answer="n" +esac + +if [ "$answer" == "y" ] +then + echo "stopping application service $appContainerName" + docker stop $appContainerName + + echo "copy backup file to database container" + docker cp ${sourceFile} ${dbContainerName}:/tmp/restore.backup.gz + + echo "starting database restore" + docker exec -t -u postgres $dbContainerName sh -c "gunzip -f /tmp/restore.backup.gz -c | psql" + +fi